Basically, the first-stage payload uses VirtualAlloc to allocate some RWX memory and then downloads the second stage, and so on.
I prepared a video of exploiting the vulnerable service (MiniShare WebServer) using staging, just for fun :). (I changed the injection vector from a direct jmp esp to pop retn + jmp esp with some fake stack alignment.)
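A defender's view of the staging behaviour described above, as an added example that is not part of the original post: it scans an API-call trace for network reads that land in memory allocated with PAGE_EXECUTE_READWRITE. The trace record layout, the sample events and the assumption that the stage is received directly into the RWX region are constructed for illustration.

```python
# Added example: flag network reads that land in RWX memory.
# The trace record layout is an assumption made for this example,
# not the output format of any particular monitoring tool.
PAGE_READWRITE = 0x04
PAGE_EXECUTE_READWRITE = 0x40  # Windows memory-protection constants


def find_staged_loads(events):
    """Return (pid, buffer, length) for each recv into a live RWX region."""
    rwx = {}   # pid -> list of (base, size) for live RWX allocations
    hits = []
    for ev in events:
        pid, api = ev["pid"], ev["api"]
        regions = rwx.setdefault(pid, [])
        if api == "VirtualAlloc" and ev["protect"] == PAGE_EXECUTE_READWRITE:
            regions.append((ev["ret"], ev["size"]))
        elif api == "VirtualFree":
            # Forget freed regions so a reused address is not misreported.
            regions[:] = [r for r in regions if r[0] != ev["base"]]
        elif api == "recv":
            for base, size in regions:
                if base <= ev["buf"] < base + size:
                    hits.append((pid, ev["buf"], ev["len"]))
                    break
    return hits


# Constructed sample trace: pid 1200 is a benign RW buffer, pid 3344
# receives data into RWX memory, frees it, then reuses the address.
SAMPLE_TRACE = [
    {"pid": 1200, "api": "VirtualAlloc", "ret": 0x00A80000,
     "size": 0x1000, "protect": PAGE_READWRITE},
    {"pid": 1200, "api": "recv", "buf": 0x00A80000, "len": 512},
    {"pid": 3344, "api": "VirtualAlloc", "ret": 0x00B50000,
     "size": 0x10000, "protect": PAGE_EXECUTE_READWRITE},
    {"pid": 3344, "api": "recv", "buf": 0x00B50000, "len": 4},
    {"pid": 3344, "api": "recv", "buf": 0x00B50004, "len": 0x8000},
    {"pid": 3344, "api": "VirtualFree", "base": 0x00B50000},
    {"pid": 3344, "api": "recv", "buf": 0x00B50000, "len": 16},
]

if __name__ == "__main__":
    for pid, buf, n in find_staged_loads(SAMPLE_TRACE):
        print(f"pid {pid}: recv of {n} bytes into RWX memory at {buf:#010x}")
```

The benign read into read-write memory and the read after the region is freed are not reported; only the two reads into the live RWX allocation are.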