!exploitable 1.6

Rating:        Based on 1 rating
Reviewed:  1 review
Downloads: 9447
Change Set: 83548
Released: May 1, 2013
Updated: May 2, 2013 by AndyRenk
Dev status: Beta Help Icon

Recommended Download

Application MSECExtensions_1_6_0.zip
application, 2726K, uploaded May 2, 2013 - 9447 downloads

Release Notes

1.6.0 Updates:

ARM Dump Support Added
Changed default hashing algorithm to SHA256
Added Support to chose the hashing algorithm used (for backwards compatibility)
Added support for custom exclude hash list
Updated -v output to show which frames are used to determine the major and minor hash
Added version number logging
Added line number and source file reporting
Added checking for exception handler chain corruption as an Exploitable case
Added Stack Exhaustion as a Probably Not Exploitable case
Added more AppVerifier symbols to the excluded symbols list
Added checking for kernel mode code running in user land as an Exploitable case
Moved "Read AV Near Null" to terminal rule status
Added "App Verifier Stop Detected"
Moved "Read AV Near Null" to Probably Not Exploitable
Moved "Write AV Near Null" to Unknown
Added the XLAT command for x86 and x64
Correctly pull the TEB32 for WOW process on 64 bit Windows
Translate stack exhaustion cases that manifest as Write AVs into stack exhaustion
Changed the naming of Stack Overflow to Stack Exhaustion
Fixed a bug in the logic determining if code is in user or kernel space

Reviews for this release

It's good, but I want to use this in Windows XP
by kyungrakhwang on Feb 1, 2016 at 6:41 AM