VBscriptInternals Save

Scripts for disassembling VBScript p-code in the memory to aid in exploits analysis

Project README

VBscriptInternals

Author: Boris Larin

This repository contains scripts for disassembling VBScript p-code in the memory to aid in exploits analysis.

https://securelist.com/delving-deep-into-vbscript-analysis-of-cve-2018-8174-exploitation/86333/

Contents

kl_vbs_disasm_ida.py - Script for IDA Pro

kl_vbs_disasm_windbg.py - Script for WinDbg with PyKD extension

Usage

Set breakpoint at function vbscript!CScriptRuntime::RunNoEH and use appropriate script after breakpoint is hit.

Open Source Agenda is not affiliated with "VBscriptInternals" Project. README Source: KasperskyLab/VBscriptInternals
Stars
84
Open Issues
0
Last Commit
1 year ago

Open Source Agenda Badge

Open Source Agenda Rating