The purpose of this post is to share how one would use a debugger to identify the relevant code path that can trigger the crash. I hope this post will be educational to people that are excited to learning how to use debugger for vulnerability analysis.This post will not visit details on RDP communication basics and MS_T120.

Furthermore, no PoC code will be provided in this post, as the purposeis to show vulnerability analysis with a debugger.The target machine (debuggee) will be a Windows 7 x64 and the debugger machine will be a Windows 10 x64. Both the debugger and debuggee will run within VirtualBox.

 

 

Full article:

https://dl.packetstormsecurity.net/papers/general/debugging-CVE-2019-0708.pdf