+-------------------------------------------------------------------------+ | This file has been generated by The Iron-Ox Tools | | CopyLeft (c) 2010-2015/VxJump, | | by nEINEI | | Automated Exploit Analysis Tools | +-------------------------------------------------------------------------+ **************************************** 2015/03/13 16:31:24.369 Current Target Process:C:\Program Files\Internet Explorer\iexplore.exe **************************************** Exploit Type:Heapspary Attacking Address While In the Vulnerability Happens:5DD8D75D Registers While In The Vulnerability Happens: EAX:0C0C0C08,EBX:00000000,ECX:5DDA5DFC,EDX:00000001,ESI:0C0C0C08,EDI:0012E314,EBP:0012E110,ESP:0012DFF4 Current Stack Pointer:--->0x0012DFF4 Stack Information:Probably Execution Code stack[0]:0x0012E22C stack[1]:0x0012E314 stack[2]:0x5DE1F584 stack[3]:0x00000017 5DD8D75D: 8B08 MOV ECX,DWORD PTR DS:[EAX] ; 5DD8D75F: FF7524 PUSH DWORD PTR SS:[EBP+24H] ; 5DD8D762: FF7520 PUSH DWORD PTR SS:[EBP+20H] ; 5DD8D765: 57 PUSH EDI ; 5DD8D766: 6A03 PUSH 03 ; 5DD8D768: FF7514 PUSH DWORD PTR SS:[EBP+14H] ; 5DD8D76B: 68 F8A7D85D PUSH 5DD8A7F8 ; 5DD8D770: 53 PUSH EBX ; 5DD8D771: 50 PUSH EAX ; 5DD8D772: FF5118 CALL DWORD PTR DS:[ECX+18H] ; 5DD8D775: 89450C MOV DWORD PTR SS:[EBP+0CH],EAX ; 5DD8D778: 8B06 MOV EAX,DWORD PTR DS:[ESI] ; 5DD8D77A: 56 PUSH ESI ; 5DD8D77B: FF5008 CALL DWORD PTR DS:[EAX+08H] ; <========================================================= 5DD8D77E: EB79 JMP 5DD8D7F9 ; 5DD8D780: B8 57000780 MOV EAX, 80070057 ; 5DD8D785: E9 8E000000 JMP 5DD8D818 ; 5DD8D78A: 8D4D18 LEA ECX,DWORD PTR SS:[EBP+18H] ; 5DD8D78D: 51 PUSH ECX ; 5DD8D78E: 8D4DF8 LEA ECX,DWORD PTR SS:[EBP-08H] ; [[[[[[[[[[[[[[[[[Wrong information,can not be recored.]]]]]]]]]]]]]]]]]] //-------------------------------------------------------------------------------------------------------