Exploit Development: Playing ROP’em COP’em Robots with WriteProcessMemory()
Gaining code execution with WriteProcessMemory() via ROP and outlining the occasional need for Call-Oriented Programming.
Recent posts
Exploit Development: Leveraging Page Table Entries for Windows Kernel Exploitation
Exploiting page table entries through arbitrary read/write primitives to circumvent SMEP, no-execute (NX) in the kernel, and page table randomization.
Turning the Pages: Introduction to Memory Paging on Windows 10 x64
Brief introduction to memory paging on Windows 10 x64 to help leverage bypassing SMEP via page table entries.
Exploit Development: Rippity ROPpity The Stack Is Our Property - Blue Frost Security eko2019.exe Full ASLR and DEP Bypass on Windows 10 x64
Reverse engineering BFS’s eko2019.exe application and obtaining an ASLR bypass via an arbitrary read primitive.
Exploit Development: Panic! At The Kernel - Token Stealing Payloads Revisited on Windows 10 x64 and Bypassing SMEP
Revisiting token stealing payloads on Windows 10 x64 and diving into mitigations such as SMEP.