CVE-2015-0057

Elevation of privilege detector based on HyperPlatform

EopMon Introduction EopMon is a hypervisor-based elevation of privilege (EoP) detector It can spots a process with a stolen system token and terminate it by utilizing hypervisor's ability to monitor process context-swiching While EopMon is tested against multiple EoP exploits carried out by in the wild malware (*1), it is rather meant to be an educational tool to demonst

Awesome Windows Exploitation A curated list of awesome Windows Exploitation resources, and shiny things There is no pre-established order of items in each category, the order is for contribution If you want to contribute, please read the guide Table of Contents Windows stack overflows Windows heap overflows Kernel based Windows overflows Windows Kernel Memory Corruption Re

noted

Windows stack overflows Stack Base Overflow Articles + Win32 Buffer Overflows (Location, Exploitation and Prevention) - by Dark spyrit [1999] + Writing Stack Based Overflows on Windows - by Nish Bhalla’s [2005] + Stack Smashing as of Today - by Hagen Fritsch [2009] + SMASHING C++ VPTRS - by rix [2000] ## Windows heap overflows Heap Base Overflow Articles + Third Generat

bh-asia-16 A New CVE-2015-0057 Exploit Technology

Windows Kernel Exploit cve-2015-0057 win81 下 uaf 漏洞。 MS16-098 win81 下整数溢出漏洞，漏洞利用关键字： Pool Overflow、Abusing Gdi Objects Analysis

Awesome Windows Exploitation A curated list of awesome Windows Exploitation resources, and shiny things There is no pre-established order of items in each category, the order is for contribution If you want to contribute, please read the guide Table of Contents Windows stack overflows Windows heap overflows Kernel based Windows overflows Windows Kernel Memory Corruption Re

翻译文章，CVE-2015-0057漏洞在32位和64位系统上的利用。Exploiting the win32k!xxxEnableWndSBArrows use-after-free (CVE 2015-0057) bug on both 32-bit and 64-bit(Aaron Adams of NCC )

CVE-2015-0057漏洞在32位和64位系统上的利用 作者：Aaron Adams 翻译：55-AA 译注：本文部分地方采用了意译，如有疑问请参阅原文。 术语： 操作原语(primitive)：类似于一个功能函数，是一系列腐蚀操作的集合，以完成一个完整的可重复利用的功能，如读取内存、写入任意数据等。 代序 今年早

Use CVE-2016-3308 corrupt win32k desktop heap

Use CVE-2016-3308 corrupt win32k desktop heap author : @55-AA, Sept 18, 2016 ##Introduction Desktop heap is a kernel pool used by win32k, it can be exploited by user-mode application Here I will describe in detail how to implement a reliable exploitation so that to read/write arbitrary address in kernel This writeup and associated analysis are done on a win7_sp1_x86(build 178