Metasploit mailing list archives
Encoder(?) problems.
From: reth at smashthestates.net (Reth)
Date: Sun, 1 Jul 2007 14:57:16 +1000
No luck. The payload is located on the heap, with 512 bytes allocated. The buffer isn't free()'d or realloc()'d. DisableNops is set to true, as a .dtors entry is overwritten with a pointer which points directly to the beginning of the encoded payload. I have also tried it with Nops. The heap is non-randomized and executable, same with the stack. Any more ideas?

-Reth

PS. Thanks for the fast response.

On Sat, Jun 30, 2007 at 11:08:39PM -0500, H D Moore wrote:
> The payload decoders assume the stack is in a usable state. This can be problematic when the program counter is really close to the stack pointer. The solution for this is to add the 'StackAdjustment' => -3500 line to the Payload section of the module's information block.