VehViolator

Execute via the VEH Handler

Primary Language: C

All credit for this technique and research goes to this researcher: https://mannyfreddy.gitbook.io/ya-boy-manny

I interpreted the code and got execution of calc.exe; this is strictly a PoC.

Use at your own risk.

To compile:

cl /EHsc /FeVehViolator.exe VehViolator.c user32.lib ntdll.lib
