Thursday, March 25, 2010

Pwn2Own 2010 Windows 7 Internet Explorer 8 exploit

The exploit consists of two parts.
The first part determines where a certain .dll file is loaded in the current process. The second part uses the information gathered in the first part to trigger an exploit that uses a ret2lib technique to disable DEP for our shellcode and then redirects the program flow to the shellcode.

Download PDF
