March 18, 2020
10:27 p.m.
On Mar 18, 2020, at 2:57 PM, Fabian Maurer <dark.shadow4(a)web.de> wrote:
Just out of curiosity, is the offset the same for all Windows after XP? Or do we just care about the latest?
Regards, Fabian Maurer
Yes, everything I’ve read online says that the offsets are the same for Vista and all newer versions: https://ctf-wiki.github.io/ctf-wiki/reverse/windows/anti-debug/heap-flags/ ’Since Vista’ in my comment isn’t real clear, I’ll send a fixed version. Brendan