Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Video: Quick & Dirty Shellcode Analysis - CVE-2017-11882 - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Video: Quick & Dirty Shellcode Analysis - CVE-2017-11882

Xavier did a dynamic analysis of a malicious document with an equation editor exploit.

In this video, I perform a quick & dirty static analysis using oledump.py, xorsearch and scdbg.

If you are more interested in all the technical details of an equation editor exploit, take a look at diary entry Dissecting a CVE-2017-11882 Exploit.

 

Didier Stevens
Senior handler
Microsoft MVP
blog.DidierStevens.com

DidierStevens

638 Posts
ISC Handler
Feb 27th 2022

Sign Up for Free or Log In to start participating in the conversation!