To all you exploit writers/debugging pros. When doing an SEH overwrite, has anyone ever seen the case where the exploit works repeatedly with the debugger attached (attached, not spawning the process), but doesn't work when the debugger isn't attached?
The only thing I can think of is that when the first-chance exception gets registered and the debugger passes control to the application, it's allowing it to work, whereas without the debugger the first-chance exception goes unhandled and the process dies.
Any thoughts?