[framework] Executable Download and Execute - payload
Nicolas RUFF
nicolas.ruff at gmail.com
Mon Jan 28 14:17:42 CST 2008
> Could anyone tell me why when I am debugging program which is executing
> "Windows Executable Download and Execute" payload then it occurs problem
> with SEH executing - ollydbg says that debugged program can't handle the
> exception and after that it terminates the program. But, when I run this
> program normally - it is not debugged - then this program with you
> shellcode works properly.
Hello,
Sorry for coming late and maybe off-topic.
In most cases, exception-based shellcode debugging issues on Windows are
due to the fact that Unhandled Exception Filter is *not* called when a
program is being debugged.
http://msdn2.microsoft.com/en-us/library/ms680634(VS.85).aspx
If you are using OllyDbg, trying to hide the debugger with some cool
plugin like OllyAdvanced.
Regards,
- Nicolas RUFF
More information about the framework
mailing list