Just released a new blog post in my exploitation tricks series about research I did to implement a virtual memory access trap on Windows to make exploitation of certain classes of vulnerabilities deterministic https://googleprojectzero.blogspot.com/2021/01/windows-exploitation-tricks-trapping.html …
If you read the Bochspwn paper, that talks about probabilistic attacks, and they can be pretty reliable, sometimes up to 100% within a short time window. The whole point of the blog though is to make it deterministic :-)
Yeah, all right, I've also been thinking about edge cases to enable that. Only thing is: with WebDAV you can open a file with write, it gets cached. Now write what you want, then open again with only read_attributes (without closing the original), now close the original open.