Metasploit mailing list archives
ani_loadimage_chunksize problem
From: security at vahle.de (Thomas Werth)
Date: Wed, 24 Oct 2007 16:17:34 +0200
Ohh, what an "easy" reason :)

On Windows, code execution protection is activated for all programs. IDA doesn't show the X flag for the stack segment, so execution isn't allowed. So it seems the msf payload does nothing magic to circumvent code execution protection, and IDA properly prompts the wrong message ...

H D Moore wrote:

Could it be that the stack is non-executable on your platform and IDA is misinterpreting the exception code?

-HD

On Wednesday 24 October 2007, Thomas Werth wrote:

Now the jmp esp is done and lands in the stack. But then the same exception is thrown.

"Memory could not be written The instruction at 0x12decc referenced memory at 0x12decc. The memory could not be written (0x12decc -> 12decc)"

Strange is that the segment is marked as W & D public Stack. So write access should be granted... Although, why in general is there a write access violation when performing a nop or formerly a jmp esp? Any help and clarification is welcome.
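Added example, not part of the original messages: a small C decoder for the access-type flag of a Windows access violation (0 = read, 1 = write, 8 = DEP execute violation), next to a hypothetical decoder that only knows read/write and so reports an execute fault as a write. The struct is a constructed, portable stand-in for EXCEPTION_RECORD, and the flag value 8 in the sample is an assumption; the thread only shows the two addresses.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed, portable stand-in for the EXCEPTION_RECORD fields that matter
   here; a real debugger would read them from the debug event. */
#define AV_CODE 0xC0000005u          /* EXCEPTION_ACCESS_VIOLATION */

typedef struct {
    uint32_t code;      /* ExceptionCode */
    uint64_t address;   /* ExceptionAddress: the faulting instruction */
    uint64_t info[2];   /* ExceptionInformation: [0] access type, [1] target */
} av_record;

typedef enum { AV_NOT_AV, AV_READ, AV_WRITE, AV_EXECUTE, AV_UNKNOWN } av_kind;

/* Documented meaning of ExceptionInformation[0]: 0 read, 1 write, 8 DEP. */
av_kind classify_av(const av_record *r) {
    if (r->code != AV_CODE) return AV_NOT_AV;
    switch (r->info[0]) {
    case 0:  return AV_READ;
    case 1:  return AV_WRITE;
    case 8:  return AV_EXECUTE;
    default: return AV_UNKNOWN;
    }
}

/* Hypothetical decoder that predates the execute flag: any non-zero value is
   reported as a write, so an execute fault reads "could not be written". */
av_kind naive_classify_av(const av_record *r) {
    if (r->code != AV_CODE) return AV_NOT_AV;
    return r->info[0] ? AV_WRITE : AV_READ;
}

/* An instruction fetch faults on the instruction itself: target == address. */
int is_fetch_fault(const av_record *r) {
    return classify_av(r) == AV_EXECUTE && r->info[1] == r->address;
}

int main(void) {
    /* Constructed record with the addresses quoted in the thread; the flag
       value 8 is an assumption, the message does not show it. */
    av_record r = { AV_CODE, 0x12decc, { 8, 0x12decc } };
    static const char *name[] = { "not-av", "read", "write", "execute", "unknown" };
    printf("correct: %s, naive: %s, fetch fault: %d\n", name[classify_av(&r)],
           name[naive_classify_av(&r)], is_fetch_fault(&r));
    return 0;
}
```
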