It's been covered by CFG for a while as far as I know -- what was the failing stack with STATUS_ACCESS_VIOLATION?
-
-
-
Unfortunately, I didn't save it. I started using it in BugId to break into the debugger because I was unable to reliably distinguish a breakpoint caused by the application from one caused by DebugBreakProcess.
-
CreateRemoteThread gives you the thread id and I knew what exception to expect (AV), so I could easily distinguish it from other exceptions caused by the application itself. Crude but effective. Recently this broke when CFG started interfering, I do not know when exactly.
-
I was just curious what real-life attack this would mitigate, as I could not think of anything that does not involve a catch-22 of having to execute code to execute code... except perhaps sandbox escapes? Anyway, thanks for confirming!
- 1 more reply
New conversation -
-
-
hey check dm :)
@berendjanweverThanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.