
KasperskyLab / Vbscriptinternals

VBscriptInternals

Author: Boris Larin

This repository contains scripts for disassembling VBScript p-code in memory to aid in exploit analysis.

https://securelist.com/delving-deep-into-vbscript-analysis-of-cve-2018-8174-exploitation/86333/

Contents

kl_vbs_disasm_ida.py - Script for IDA Pro

kl_vbs_disasm_windbg.py - Script for WinDbg with PyKD extension

Usage

Set a breakpoint on the function vbscript!CScriptRuntime::RunNoEH and run the appropriate script after the breakpoint is hit.
