Video

EXPLOIT RESEARCH MEGAPRIMER PART 7 OVERWRITE SEH

Description:

Welcome to Part 7 of the Exploit Research Megaprimer. Please begin this series by watching Part 1, if you have not already done so!This video will build on SEH concepts discussed in the previous one. We will understand how the exception dispatcher works, KiUserExceptionDispatcher and other important code in the OS responsible for exception handling, __except_handler3(), exception registration records and their structure, exception handler prototype, analysis of the thread stack and the exception dispatcher stack, how the Establisher Frame points to the Exception Registration Record, pointing the exception handler to a POP/POP/RET sequence and the implications of the same for EIP and how a buffer overflow can help an attacker overwrite the SEH records. This video is a must watch before we actually take up exploiting a SEH vulnerability. As always, the theory is explained with the help of taking a practical example to understand all these concepts.

Show More

Phannarith

Mr. OU Phannarith is one of the well-known cybersecurity experts in Cambodia and the region. He is the founder of the first leading information security website (www.secudemy.com) in Cambodia. He has been invited to present in global conferences, forums, and seminars and he was awarded in Information Security Leadership Achievements (ISLA) in 2016 by (ISC)2 and in December 2012 as one of the top 10 Chief Information Security Officers (CISO) in ASEAN by the International Data Group (IDG). Mr. OU has been the Professor specializing in Cybersecurity.

Related Articles

Back to top button