Hi all,
While preparing for my Advanced exploit dev course at Derbycon, I’ve been playing with heap allocation primitives in IE. One of the things that causes some frustration (or, at least, tends to slow me down during the research) is the ability to quickly identify objects that may be useful. After all, I’m trying to find objects that contain arbitrary data, or pointers to arbitrary data, and it’s not always easy to do so because of the noise.
I decided to add a few new features to mona.py, that should allow you to find interesting objects in a faster way.
more here.................https://www.corelan.be/index.php/2014/08/16/analyzing-heap-objects-with-mona-py/
While preparing for my Advanced exploit dev course at Derbycon, I’ve been playing with heap allocation primitives in IE. One of the things that causes some frustration (or, at least, tends to slow me down during the research) is the ability to quickly identify objects that may be useful. After all, I’m trying to find objects that contain arbitrary data, or pointers to arbitrary data, and it’s not always easy to do so because of the noise.
I decided to add a few new features to mona.py, that should allow you to find interesting objects in a faster way.
more here.................https://www.corelan.be/index.php/2014/08/16/analyzing-heap-objects-with-mona-py/