Info Leak using Win32 APIs for Exploit Dev
Win32 APIs that could result in an information leak and are useful to investigate during exploit development. If you are reviewing the TCP protocol, you need to find the function that will actually send the data back to you, which most of the time is the send function.
- DebugHelp (Dbghelp.dll)
- ToolHelp32Snapshot (kernel32.dll)
- EnumProcessModules (kernel32.dll or Psapi.dll)
- fopen (stdio.h)
- printf (stdio.h) // Useful if a format string vulnerability is present
Fun with Info-Leaks
Good article: Fun With Info-Leaks
Good Resource
A GitHub repository I found with lots of great information about exploit development: Great Resource