Skip to content
/ sehcall Public

Windows X64 mode use seh in manual mapped dll or manual mapped sys

70 stars 27 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

cs1ime/sehcall

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
kmsehcall
kmsehcall
 
 
umsehcall
umsehcall
 
 
image-20221009192708539.png
image-20221009192708539.png
 
 
image-20221009192831645.png
image-20221009192831645.png
 
 
readme.md
readme.md
 
 

Repository files navigation

Windows X64 mode use seh in manual mapped dll or manual mapped driver

在手动映射dll或手动映射驱动中使用seh

偶然发现的一个seh特性,只要返回地址在异常表记录范围内,Windows就会正常处理seh,把ip修改回到Handler的地址,只要找到Handler代码是直接返回的函数就能实现任意使用seh

r3可以利用IsBadReadPtr

image-20221009192831645

r0可以利用KdpSysWriteMsr

image-20221009192708539

About

Windows X64 mode use seh in manual mapped dll or manual mapped sys

Resources

Readme
Activity

Stars

70 stars

Watchers

5 watching

Forks

27 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages