exploit'


10 fstenv, FPU


, :

 

->- fstenv -> - 0Ch FPUControlWord

- 08h FPUStatusWord

- 04h FPUTagWord

->--- esp ---> 00h FPUDataPointer

<- pop ebx -<- + 04h FPUInstructionPointer

+ 08 FPULastInstructionOpcode