| ▲ | bri3d 5 days ago | |
In addition to the original EntryBleed article, https://exploits.forsale/24h2-nt-exploit/ and the corresponding https://github.com/exploits-forsale/prefetch-tool are useful for understanding the same exploit on Windows (which works the exact same way, of course). | ||
| ▲ | eigenform 5 days ago | parent [-] | |
(Sorry for the self-plug but) I also wrote a bit about the behavior of PREFETCH recently in case anyone is interested in this sort of thing. See this example (for Linux on AMD): https://github.com/eigenform/perfect/blob/e5da0c693ba5d1b654... .. and here's another example in the case of EntryBleed: https://github.com/eigenform/perfect/blob/e5da0c693ba5d1b654... | ||