>Windows Exploitation Tricks: Abusing the User-Mode Debugger
...and...
>Nothing I’ve described here is a security vulnerability, but the behavior is interesting and it’s worth looking out for cases where it could be used.
Maybe I'm misunderstanding this newfangled internets but isn't exploitation generally synonymous with security vulnerability?
JFYI, for anyone who's interested, the equivalent debugging API methods in .NET could be found in ClrMd[0] but it's as unyielding a beast as the native methods.
A vulnerability is "this function will write 8 bytes of arbitrary data out of bounds in an edge case". Exploitation is the process of using that vulnerability to, typically, cause the process to execute attacker-controlled code.
Something can make exploitation easier without being a vulnerability. For example, disabling exploit mitigations like ASLR does this.
User mode debugging is an area that any present or future OS designer should be concerned about getting right in terms of debugging features vs. security implications...
It was probably the easiest route. Instead of setting up a special website for it, they just made a blog with a couple of clicks. Project zero goes back to 2014. Perhaps the infrastructure wasn't there, or it started as a small pilot project.
...and...
>Nothing I’ve described here is a security vulnerability, but the behavior is interesting and it’s worth looking out for cases where it could be used.
Maybe I'm misunderstanding this newfangled internets but isn't exploitation generally synonymous with security vulnerability?
JFYI, for anyone who's interested, the equivalent debugging API methods in .NET could be found in ClrMd[0] but it's as unyielding a beast as the native methods.
[0] - https://github.com/microsoft/clrmd