Metasploit mailing list archives
Finding Shell. more information.
From: hdm at metasploit.com (H D Moore)
Date: Mon, 4 Oct 2004 20:17:10 -0500
Er, ignore me. Spoonm tested on SP2 and it worked without a problem for him. The registered exception handler stuff only applies if the executable itself was compiled with the new protection code. If it is still crashing (with a diff LPORT or using the reverse payloads), please let us know.

-HD

On Monday 04 October 2004 19:56, H D Moore wrote:
> On Monday 04 October 2004 18:52, [Arcangel] wrote:
> > I don't know if this is important but as it says in the documentation the Serv-U ftp Server dies when I run the exploit. I have Win XP SP2. bye.
>
> The exploit works by overwriting the SEH function pointer, this technique will not work with Windows XP SP2. Exploitation is still possible, either using some of the techniques in David Litchfield's paper[1] or sending slightly less data to use the return address overwrite method instead.