seh_exploit.zip/exploit3/test.cpp
#include <cstdio>
#include <Windows.h>
void call() {
::MessageBoxA(NULL, "message", "title", MB_OK);
::exit(0);
}
int main(const unsigned int argc, const char * const * argv) {
FILE * const fp = ::fopen("file", "rb");
unsigned int size1;
::fread(&size1, 4, 1, fp);
char *s1 = reinterpret_cast<char *>(::VirtualAlloc(reinterpret_cast<void *>(0x00250000), size1, MEM_COMMIT, PAGE_READWRITE));
::fread(s1, 1, size1, fp);
unsigned int size2;
char s2[256];
::fread(&size2, 4, 1, fp);
::fread(s2, 1, size2, fp);
for (unsigned int i = 0; i < size2; i++) {
::printf("%02x ", s1[i] ^ s2[i]);
}
::fclose(fp);
::getchar();
return 0;
}