+-------------------------------------------------------------------------+ | This file has been generated by The Iron-Ox Tools | | CopyLeft (c) 2010-2015/VxJump, | | by nEINEI | | Automated Exploit Analysis Tools | +-------------------------------------------------------------------------+ **************************************** 2015/03/13 16:40:44.494 Current Target Process:C:\Program Files\Internet Explorer\iexplore.exe **************************************** Exploit Type:Heapspary Attacking Address While In the Vulnerability Happens:7E278C83 Registers While In The Vulnerability Happens: EAX:0203F890,EBX:0A0A0A0A,ECX:0A0A0A0A,EDX:02038A90,ESI:0203EB60,EDI:FFFFFFFF,EBP:0012E37C,ESP:0012E35C Current Stack Pointer:--->0x0012E35C Stack Information:Probably Execution Code stack[0]:0x7E44C4C8 stack[1]:0x02038AE0 stack[2]:0x0039B9D8 stack[3]:0x7E4B61EC 7E278C83: 8B01 MOV EAX,DWORD PTR DS:[ECX] ; <=================================== 7E278C85: FF5034 CALL DWORD PTR DS:[EAX+34H] ; <=================================== 7E278C88: 8B400C MOV EAX,DWORD PTR DS:[EAX+0CH] ; 7E278C8B: C3 RET ; Pop IP 7E278C8C: 90 NOP ; 7E278C8D: 90 NOP ; 7E278C8E: 90 NOP ; 7E278C8F: 90 NOP ; 7E278C90: 90 NOP ; 7E278C91: 8B4118 MOV EAX,DWORD PTR DS:[ECX+18H] ; 7E278C94: 84C0 TEST AL, AL ; 7E278C96: 0F88 E7040100 JS 7E289183 ; 7E278C9C: F6C401 TEST AH,01 ; 7E278C9F: 0F85 DE040100 JNZ 7E289183 ; 7E278CA5: F6C402 TEST AH,02 ; 7E278CA8: 0F84 89220000 JZ 7E27AF37 ; 7E278CAE: 8B491C MOV ECX,DWORD PTR DS:[ECX+1CH] ; 7E278CB1: 8B11 MOV EDX,DWORD PTR DS:[ECX] ; 7E278CB3: FF6234 JMP DWORD PTR DS:[EDX+34H] ; 7E278CB6: 90 NOP ; [[[[[[[[[[[[[[[[[Wrong information,can not be recored.]]]]]]]]]]]]]]]]]] //-------------------------------------------------------------------------------------------------------