In light of COVID-19 precaution measures, we remind that all ImmuniWeb products can be easily configured and safely paid online without any human contact or paperwork.

nav #navigation ul.menu li:hover .dropmenu {display:block;} .head-menu nav .sub-menu-wrapper { top: 28px; } .head-menu nav .menu-item:hover .sub-menu-wrapper { display: block; }

Cybercriminals Aggressively Exploit Post-COVID Attack Surface

July 2, 2020

Top 10 Failures of AI

June 2, 2020

Take Your Shodan Asset Search to the Next Level

April 27, 2020

Post-Coronavirus Cybersecurity: Join PwC and ImmuniWeb Webinar

April 22, 2020

6 Reasons Why AI is Important in 2020

March 25, 2020

News and press releases

New Features of Community Edition Mobile Scanner

July 9, 2020

ImmuniWeb Joins JVP Play CyberNYC

June 17, 2020

ImmuniWeb to Offer a Free Online Test to Illuminate Your Dark Web Exposure

May 20, 2020

ImmuniWeb Discovery to Illuminate Critical Network Infrastructure

April 16, 2020

ImmuniWeb Enables Secure Digital Transformation for Coronavirus-Affected Business

March 23, 2020

OWASP Top 10

OWASP’s #1 Web Application Risk - the Threat of and Solution to Web Application Injection Attacks

June 14, 2018

OWASP’s #2 Web Application Risk – the Threat of and Solution to Broken Authentication

June 21, 2018

OWASP’s #3 Web Application Risk – the Threat of and Solution to Sensitive Data Exposure

June 28, 2018

XML External Entities (XXE): the Threat of and Solution

July 5, 2018

OWASP Top 10: Broken Access Control, the risks and solutions

July 12, 2018

Security Misconfiguration, a conscious element of OWASP Top 10, the risks and solutions

July 19, 2018

XSS, a notable OWASP Top 10 old-timer, still brings up to $7,500 to researchers

July 26, 2018

Insecure Deserialization: OWASP Top 10 element of arduous exploitation but leading to system takeover

August 2, 2018

Components with Known Vulnerabilities - a major OWASP Top 10 Risk

August 21, 2018

Last but not least: OWASP Top Ten #10 - Insufficient Logging and Monitoring

August 14, 2018

Search Blog

#infosec #OWASP
#Risk Management #microservices
#Application Security #Cybersecurity #AI #DevSecOps

ImmuniWeb > Security Blog

Structured Exception Handler Exploitation

1.6k
197
22
2
10
More
10
5
8

Wednesday, June 15, 2011 By Brian Mariani Read Time: 4 min.

The SEH exploitation technique was publicly documented by David Litchfield in September of 2003. At a high-level, the SEH overwrite technique uses a software vulnerability to execute arbitrary code by abusing the 32-bit exception dispatching facilities provided by Windows. At a functional level, an SEH overwrite is generally accomplished by using a stack-based buffer. This document explains SEH details while exploiting a real case.

Author: Brian Mariani, Senior Security Auditor at High-Tech Bridge SA

The SEH exploitation technique was publicly documented by David Litchfield in September of 2003. At a high-level, the SEH overwrite technique uses a software vulnerability to execute arbitrary code by abusing the 32-bit exception dispatching facilities provided by Windows. At a functional level, an SEH overwrite is generally accomplished by using a stack-based buffer. This document explains SEH details while exploiting a real case.

Structured Exception Handler Exploitation

PDF: Structured Exception Handler Exploitation (380 kB)

Structured Exception Handler Exploitation

Video: Structured Exception Handler Exploitation

Tags: Exploitation

Previous Blog Posts:

Fake Malware and Virus Scanners

Become fully aware of the potential dangers of ActiveX attacks

1.6k
197
22
2
10
More
10
5
8

User Comments