Created
October 16, 2015 20:47
-
-
Save blaquee/814d0cae0d89543409f7 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 00403A95 . 68 C0144000 PUSH 5d8645f7.004014C0 ; SE handler installation | |
| 00403A9A . 64:FF35 000000>PUSH DWORD PTR FS:[0] | |
| 00403AA1 . 64:8925 000000>MOV DWORD PTR FS:[0],ESP | |
| 00403AA8 . 8D4D FC LEA ECX,DWORD PTR SS:[EBP-4] | |
| 00403AAB . 8D55 EC LEA EDX,DWORD PTR SS:[EBP-14] | |
| 00403AAE . 51 PUSH ECX | |
| 00403AAF . 33FF XOR EDI,EDI | |
| 00403AB1 . 52 PUSH EDX | |
| 00403AB2 . BE 40000000 MOV ESI,40 | |
| 00403AB7 . 57 PUSH EDI | |
| 00403AB8 . 57 PUSH EDI | |
| 00403AB9 . 8975 FC MOV DWORD PTR SS:[EBP-4],ESI | |
| 00403ABC . E8 A9330000 CALL <JMP.&ADVAPI32.LsaEnumerateAccountRights> ; Illegal call (Raises Exception) | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment