Recently, I solved a CTF challenge on CyberDefenders, and I can't wait to share my write-up with all of you. 🚀✨
While I was solving the CTF, I came across a ShellCode that is part of an exploit for the vulnerability CVE-2017-11882 💣. This vulnerability is found in many Microsoft Office products in different versions.
So, after completing the challenge, I tried to read the ShellCode myself and understand what it's doing, and found that it's better to share my analysis to help anyone trying to read the ShellCode himself/herself. I hope you enjoy it 😃
If you find anything unclear, contact me by any of the means below 👇
- Ghidra: for disassembling the ShellCode.
- WinDBG
Email: gamalkeroles58@gmail.com
LinkedIn: https://www.linkedin.com/in/keroles-gamal/