.Greetings,
I have been using immunity debugger for long time, its very good. I like to visualize! :)
I seen Mr. Dave Aitel's presentation on Understanding The Windows Heap and Bypassing, I think of many things that come from it, the !heap tools are the best.
So on my machine, I have been trying to use !funsniff, but I am unsure where to set <address> to. I tried to make it the function like main(), and I tried on the heap segment, but nothing seems to show me results like you have gotten :((
I would like to see things like....
Free (
Free (
Free (
Free (
Free (
Alloc (
Alloc (
Alloc (
Free (
Free (
Yes? hehe
So, my question is, what am I doing wrong (or maybe am I doing right but not the best)?
Regards, Luis
![[+] expand](/imagery/files/soysauce_blueprint.gif){kind=link}