Exploit Development on Fabrice's Bloghttps://blog.redteamshell.com/tags/exploit-development/Recent content in Exploit Development on Fabrice's BlogHugoen<a href="https://creativecommons.org/licenses/by-nc/4.0/" target="_blank" rel="noopener">CC BY-NC 4.0</a>Mon, 26 May 2025 16:28:21 -0400Understanding POP-POP-RET in SEH Exploitshttps://blog.redteamshell.com/posts/2025/05/understanding-pop-pop-ret-in-seh-exploits/Mon, 26 May 2025 16:28:21 -0400https://blog.redteamshell.com/posts/2025/05/understanding-pop-pop-ret-in-seh-exploits/<p><img src="https://blog.redteamshell.com/images/SEH_Blog.png" alt="Blog Picture"></p> <p><em>Part of the Exploit Development Module – Certified Cybersecurity Engineer (CCSE) – By Cyberwarfare Labs</em></p> <hr> <h3 id="-table-of-contents">📚 Table of Contents</h3> <ol> <li><a href="https://blog.redteamshell.com/posts/2025/05/understanding-pop-pop-ret-in-seh-exploits/#introduction">Introduction</a></li> <li><a href="https://blog.redteamshell.com/posts/2025/05/understanding-pop-pop-ret-in-seh-exploits/#what-is-a-stack-overflow">What is a Stack Overflow?</a></li> <li><a href="https://blog.redteamshell.com/posts/2025/05/understanding-pop-pop-ret-in-seh-exploits/#understanding-structured-exception-handling-seh">Understanding Structured Exception Handling (SEH)</a></li> <li><a href="https://blog.redteamshell.com/posts/2025/05/understanding-pop-pop-ret-in-seh-exploits/#where-does-pop-pop-ret-come-in">Where Does POP-POP-RET Come In?</a></li> <li><a href="https://blog.redteamshell.com/posts/2025/05/understanding-pop-pop-ret-in-seh-exploits/#breaking-down-pop-pop-ret">Breaking Down POP-POP-RET</a></li> <li><a href="https://blog.redteamshell.com/posts/2025/05/understanding-pop-pop-ret-in-seh-exploits/#step-by-step-example-of-using-pop-pop-ret-in-an-seh-exploit">Step-by-Step Example of Using POP-POP-RET in an SEH Exploit</a></li> <li><a href="https://blog.redteamshell.com/posts/2025/05/understanding-pop-pop-ret-in-seh-exploits/#finding-a-suitable-pop-pop-ret-instruction">Finding a Suitable POP-POP-RET Instruction</a></li> <li><a href="https://blog.redteamshell.com/posts/2025/05/understanding-pop-pop-ret-in-seh-exploits/#example-exploit-code">Example Exploit Code</a></li> <li><a href="https://blog.redteamshell.com/posts/2025/05/understanding-pop-pop-ret-in-seh-exploits/#what-happens-when-we-run-the-exploit">What Happens When We Run the Exploit?</a></li> <li><a href="https://blog.redteamshell.com/posts/2025/05/understanding-pop-pop-ret-in-seh-exploits/#conclusion">Conclusion</a></li> <li><a href="https://blog.redteamshell.com/posts/2025/05/understanding-pop-pop-ret-in-seh-exploits/#next-steps">Next Steps</a></li> </ol> <hr> <h3 id="-introduction">🔰 Introduction</h3> <p>This blog post is part of the <strong>Exploit Development</strong> module in my journey through the <strong>Certified Cybersecurity Engineer (CCSE)</strong> certification by <strong>Cyberwarfare Labs</strong>.</p>