CVE-2011-2018 exploitation as a standalone paper + other news [Archive]

View Full Version : CVE-2011-2018 exploitation as a standalone paper + other news

j00ru vx tech blog

May 20th, 2012, 09:24

Hey guys, I figured that it might be worth releasing the “The story of CVE-2011-2018 exploitation” as a stand-alone, nicely formatted paper for your reading convenience. It was previously released in the Hack in The Box Magazine #8 over a month ago (see announcement blog post). In short words, the paper is a guide through [...]

http://j00ru.vexillium.org/?p=1093

Indy

May 22nd, 2012, 12:55

trap.asm, Kt0b30 available only from the kernel:

Code:

_KiTrap0B       proc



; Set up machine state frame for displaying



        ENTER_TRAP      kitb_a, kitb_t



;

;   Did the trap occur in a VDM?

;



        test    byte ptr [ebp]+TsSegCs, MODE_MASK  ; Is previous mode = USER

        jz      Kt0b30

В любом случае гонево.