Writing SEH Exploits

June 17, 2011 by Andrew Whitaker

In these two videos, we will demonstrate how to write an exploit of the Structured Exception Handler. The video assumes you already understand how SEH and exploits work.

We will exploit an Easy Chat Server using OllyDbg. First we will use a skeleton of an exploit to find a SEH and then insert the actual shell code to add a new user with administrative rights using Cygwin Shell, a Metasploit utility.


Part 1:

Part 2:

Posted: June 17, 2011
Andrew Whitaker
View Profile

Andrew Whitaker is a Senior Instructor for both the InfoSec Institute and the Intense School. He is also a nationally recognized expert on information security. He has performed penetration tests on numerous financial institutions throughout the United States and has been a regular consultant to government agencies on cyber security.He is also the author of several best-selling security and networking books, including "Penetration Testing and Network Defense" (Cisco Press), "Cisco Router Configuration Handbook" (Cisco Press), and "Chained Exploits: Advanced Hacking Attacks From Start to Finish" (Addison-Wesley). He is also a frequent conference speaker and has given talks on ethical hacking at Defcon, Chicagocon, SecurePhilly, and TakeDownCon. Whitaker also holds a Master’s Degree in Computer Science. He has trained the military, government defense contractors, and intelligence agencies on cyber security, risk management, ethical hacking, reverse engineering and exploit development.