Metasploit mailing list archives
EBX and EDI overwrite instead of EAX and EIP
From: hdm at metasploit.com (H D Moore)
Date: Mon, 23 Oct 2006 17:30:06 -0500
The important part is what operation is performed with EBX and EDI. Can you paste the actual operation and the register states?

-HD

On Monday 23 October 2006 16:20, Greg Linares wrote:
> [x90 Sled] [Shell Code] [EDI overwrite (JMP to EAX + Location of Shellcode)] [EBX overwrite (JMP to EDI)]
>
> I am assuming this is an exploitable vector but I could be wrong. Am I on the right path for this type of issue?