Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Exploiting a “Simple” Vulnerability – In 35 Easy Steps or Less! - 338

Yarden Shafir - Posted 5 Years Ago
  • Finding bugs is one thing; exploiting the bug is an entirely different thing. The bulk of this article is taking a simple bug in the Windows Kernel and turning this into an exploit. Because this is the Windows Internals blog, this is a dense article all about Windows!
  • There is logic that assumes either a 0 (false) or 1 (true) for the protocol. However, any value from 0-0xFF can be used. Because of this, there is sort of a type confusion that leads to a path being taken that increments a pointer that should NOT be incremented.
  • From there, there is a dump of Windows internal information. I just wanted to keep this here for safe-keeping in case I ever wanted to dive into the Windows world.
  • Besides all of the Windows stuff, I enjoyed the real-world approach to this. There were many roadblocks that forced the author to consider other paths to set up the exploitation properly.