Internet Explorer version detection & ROP generation

Written by ZD. Posted in Blog

Hello all,

Once upon a time I was writing an exploit for Internet Explorer. The problem with exploiting IE was that I had no way to detect the exact version of the mshtml.dll module, so my ROP gadgets worked only for one exact version of the unpatched DLL. To overcome this hurdle and write exploits that work on every unpatched system, I had to solve two problems:

- Find a way to detect the mshtml module version

- Automatically generate ROP gadgets for an archive of mshtml.dll files