Wednesday, 2 November 2016

Divided Paint

One result from the fuzzer is described below.
First of all, let's attach Windbg to MSPaint:

After opening poc.ico in Paint we get the crash:

As you can see, the crash is on a DIV instruction involving EAX and EDI. For more details, type in Windbg:

Windbg> u eip-7

... which unassembles the code starting at EIP-7:

The PoC is available on my GitHub.
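As an added illustration (not code from this post or from MSPaint; the post does not say which header field ends up as the divisor, so the width/bitcount row stride below is an assumption), here is a minimal ICO directory parser showing how a fuzzed header field becomes a zero divisor in a DIV, next to the check that rejects it:

```c
#include <stdint.h>
#include <stdio.h>
#define ICO_DIR_SIZE   6   /* ICONDIR: reserved, type, count (three u16) */
#define ICO_ENTRY_SIZE 16  /* ICONDIRENTRY */

static uint32_t rd16(const uint8_t *p) { return (uint32_t)p[0] | ((uint32_t)p[1] << 8); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | (rd16(p + 2) << 16); }

/* DWORD-aligned row stride a decoder would derive from the entry's width and
 * bit depth (the divisor is an assumption for this illustration; it is 0
 * whenever the fuzzer zeroes bitcount). */
static uint32_t stride_from_entry(const uint8_t *e)
{
    uint32_t width = e[0] ? e[0] : 256;          /* width byte 0 encodes 256 */
    uint32_t bitcount = rd16(e + 6);
    return ((width * bitcount + 31) / 32) * 4;
}

/* Naive decoder: trusts the header and divides by it. On ICO_FUZZED this
 * executes DIV with a zero divisor, the kind of fault seen in the post. */
int ico_rows_unchecked(const uint8_t *buf)
{
    const uint8_t *e = buf + ICO_DIR_SIZE;
    return (int)(rd32(e + 8) / stride_from_entry(e));
}

/* Hardened version: validates the directory and rejects a zero stride
 * before dividing. Returns -1 on malformed input. */
int ico_rows_checked(const uint8_t *buf, size_t len)
{
    if (len < ICO_DIR_SIZE + ICO_ENTRY_SIZE) return -1;
    if (rd16(buf) != 0 || rd16(buf + 2) != 1 || rd16(buf + 4) == 0) return -1;
    const uint8_t *e = buf + ICO_DIR_SIZE;
    uint32_t stride = stride_from_entry(e);
    if (stride == 0) return -1;                  /* the guard the crash lacks */
    return (int)(rd32(e + 8) / stride);
}

/* Constructed samples: a 16x16 32-bpp icon entry (1024 data bytes at offset
 * 22), and the same header with bitcount fuzzed to 0. */
const uint8_t ICO_OK[22]     = { 0,0, 1,0, 1,0, 16,16,0,0, 1,0, 32,0, 0,4,0,0, 22,0,0,0 };
const uint8_t ICO_FUZZED[22] = { 0,0, 1,0, 1,0, 16,16,0,0, 1,0, 0,0,  0,4,0,0, 22,0,0,0 };

int main(void)
{
    printf("ok: unchecked=%d checked=%d\n", ico_rows_unchecked(ICO_OK), ico_rows_checked(ICO_OK, sizeof ICO_OK));
    printf("fuzzed: checked=%d (unchecked would trap)\n", ico_rows_checked(ICO_FUZZED, sizeof ICO_FUZZED));
    return 0;
}
```

Calling ico_rows_unchecked on ICO_FUZZED raises the integer divide fault; the checked variant returns -1 instead, which is the behaviour a hardened parser should show in the debugger.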

Special thanks: +HCU.

