Metasploit mailing list archives
Bug in shikata_ga_nai encoder ?
From: alok.menghrajani at ilionsecurity.ch (Alok Menghrajani)
Date: Wed, 18 Oct 2006 12:00:32 +0200
Hi,

Yes, the problem is with the direction flag! Adding 0xfc solved everything. The funny thing is that it seems LoadLibraryA wants this flag cleared. My code doesn't call loop, so I'm not relying on this flag.

Thanks so much.

Alok.

H D Moore wrote:
The most common problem is that the payload assumes something about the stack layout or CPU state that is no longer true after the shikata encoder runs. Some things you may want to try:

1) Normalize the stack as the first part of your payload: "\x81\xc4\xff\xef\xff\xff\x44"
2) Reset the direction flag "\xfc"

-HD
Current thread:
- Bug in shikata_ga_nai encoder ? Alok Menghrajani (Oct 17)
- Bug in shikata_ga_nai encoder ? H D Moore (Oct 17)
- Bug in shikata_ga_nai encoder ? Alok Menghrajani (Oct 18)