Metasploit mailing list archives
another payload execution failure
From: security at vahle.de (Thomas Werth)
Date: Wed, 11 Jun 2008 15:35:39 +0200
dear list, once again i'm having problems getting payload executed. Actual i'm build a off-by-one buffer overflow example on windows. Test-Program recieves msg from net, handling subfunc has a typical off by one overflow. Last significant byte of sfp is correct manipulated and execution is passed to attacker buffer when calling func ends. I've used a nop sled for testing and it is left unmodified. Now when replacing nopsled by payload (staged, non staged, bind, reverse, exec) every payload fails to execute proper. Some (exec) successful call winexec and proxexit kernel funcs but no effext ( i have console app and tried executing calc or notepad ). All Bind, reverse, meterpreter payloads execute but fail after large amount of instructions. ESP - 3500 is used and that is executed correct at beginning of payload. Any hints what can be the problem ? regards, Thomas
Current thread:
- MSF and Windows SP3 (solved), (continued)
- MSF and Windows SP3 (solved) Thomas Werth (Jun 02)
- MSF and Windows SP3 (solved) mmiller at hick.org (Jun 03)
- MSF and Windows SP3 (solved) Thomas Werth (Jun 03)
- MSF and Windows SP3 (solved) H D Moore (Jun 04)
- MSF and Windows SP3 (solved) Thomas Werth (Jun 04)
- MSF and Windows SP3 (solved) H D Moore (Jun 04)
- MSF and Windows SP3 (solved) mmiller at hick.org (Jun 04)
- MSF and Windows SP3 (solved) Thomas Werth (Jun 04)
- MSF and Windows SP3 (solved) mmiller at hick.org (Jun 05)
- MSF and Windows SP3 (solved) Thomas Werth (Jun 05)
- another payload execution failure Thomas Werth (Jun 11)
- another payload execution failure H D Moore (Jun 11)
- another payload execution failure Thomas Werth (Jun 11)
- another payload execution failure Patrick Webster (Jun 11)
- Message not available
- another payload execution failure Thomas Werth (Jun 11)
- another payload execution failure mmiller at hick.org (Jun 11)
- another payload execution failure Thomas Werth (Jun 11)
- MSF and Windows SP3 (solved) Thomas Werth (Jun 02)
- another payload execution failure H D Moore (Jun 12)
- another payload execution failure Thomas Werth (Jun 12)
- another payload execution failure H D Moore (Jun 12)