white phosphorus
Universal DEP/ASLR bypass with msvcr71.dll and mona.py
Over the last few weeks, there has been some commotion about a universal DEP/ASLR bypass routine using ROP gadgets from msvcr71.dll (written by Immunity Inc) and the fact that it might have been copied into an exploit submitted to Metasploit as part of the Metasploit bounty.
I’m not going to make any statements about this, but the ROP routine itself looks pretty slick.
Continue reading →
Posted in 001_Security, Exploit Writing Tutorials, Exploits | Tagged aslr, bounty, bypass, chain, corelan, dep, exploit, finding-universal-offsets-immunity, gadget, httpswww-corelan-beindex-php20110703universal-depaslr-bypass-with-msvcr71-dll-and-mona-py, immunity, metasploit, mona.py, mscvr-dll, msvcr71, return oriented programming, rop, rop-mona-py, universal-rop-bypass, white phosphorus
Corelan Training
We have been teaching our win32 exploit dev classes at various security cons and private companies & organizations since 2011
Check out our schedules page here and sign up for one of our classes now!
Check out our schedules page here and sign up for one of our classes now!
Donate
Want to support the Corelan Team community ? Click here to go to our donations page.
Want to donate BTC to Corelan Team?
Your donation will help funding server hosting.
Your donation will help funding server hosting.
Corelan Team Merchandise
You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.
Corelan on Slack
You can chat with us and our friends on our Slack workspace: