View Full Version : A story of win32k!cCapString, or unicode strings gone bad.

j00ru vx tech blog
April 16th, 2013, 10:21
In the most recent blog post (“Fun facts: Windows kernel and guard pages”, we have learned how the code coverage of kernel routines referencing user-mode memory can be determined by taking advantage of the fact that kernel-mode code triggers guard page exceptions in the same way as user-mode does. Today, I will present how the [...]