We will try to make an exploit with an egg hunter for the same software we used in the previous recipe. The logic behind the exploitation would be something similar to what is shown in the following diagram:
Our aim is to overwrite the nSEH and then SEH in order to make it jump to the egg hunter shellcode, which, when executed, will find and execute our shellcode in the memory.