Skip to content
master
Switch branches/tags
Code
This branch is up to date with master.
Contribute

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
 
 
 
 
 
 
 
 

###################################################################### Software : OllySSEH /SafeSEH Module Scanner Date : 21 May 2007 Description : OllyDbg /SafeSEH in-memory module scanner Author : Mario Ballano (mballano~gmail.com) Web : http://www.48bits.com/ ######################################################################

This plugin does an in-memory scanning of process loaded modules checking if they were compiled with /SafeSEH, if so it can list the registered handlers (you can follow them at CPU window doing double click ).

This plugin is useful when exploiting vulnerabilities in systems with Software DEP protection.

The plugin lists all loaded modules and can give you the following results for each one:

/SafeSEH Off : No /SafeSEH, jump party ;-)

/SafeSEH ON : /SafeSEH active, you can list registered handles using rigth click.

No SEH : SEH is not active for this module, take a look at PE/COFF specs (IMAGE_DLLCHARACTERISTICS_ NO_SEH)

Error : There was an error reading module structure :-(

######################################################################

References :

http://msdn2.microsoft.com/en-us/library/9a89h429(VS.80).aspx http://www.microsoft.com/whdc/system/platform/firmware/PECOFF.mspx

Greets :

Ruben Santamarta, from http://www.reversemode.com/, for helping me with an anoying unicode/mdi bug in my Visual Studio project! :-)

Cheers,

Mario Ballano

About

ollysseh ollydbg plugin

Resources

License

Releases

No releases published

Packages

No packages published

Languages