MS IE OBJECT tag exploit'



            

- 2


EBX 1Ah? , MOV EBX, EAX, EAX EBX. EAX DllGetClassObject+0x1f573, 75AD7E43h. , DllGetClassObject

! , , .  .

- . 75AD7E43h , 34h , exploit' - . , IE, , HTML- . , 75AD7E43h ( ) , .

, IEdie2-3, :

eax=00000000 ebx=000af334 ecx=00000428 edx=01340294 esi=01480007 edi=01481990

eip=75acc4da esp=0006dba0 ebp=0006dbcc iopl=0 nv up ei pl nz na pe nc

: <nosymbols>

75acc4bd 60 pushad

75acc4be 8501 test [ecx],eax ds:00000428=?????

75acc4c0 56 push esi

75acc4c1 8bf1 mov esi,ecx

75acc4c3 e8555cfcff call 75a9211d

75acc4c8 668b766c mov si,[esi+0x6c] ds:01efd5de=????

75acc4cc 6685f6 test si,si

75acc4cf 7418 jz DllGetClassObject+0x14b19 (75acd3e9)

75acc4d1 0fb7ce movzx ecx,si

75acc4d4 69c998000000 imul ecx,ecx,0x98

-> 75acc4da 8b8020040000 mov eax,[eax+0x420] ds:00000420=??????

75acc4e0 5e pop esi

75acc4e8 c3 ret

FramePtr ReturnAd Param#1 Param#2 Param#3 Param#4 Function Name