possible bug in msfpayload create windows exe in current svn shot

[security at vahle.de (Thomas Werth)]

H D Moore schrieb:
> On Tuesday 16 December 2008, Thomas Werth wrote:
> > well it seems things depend on data execution prevention of windows XP.
> > Turned it off for generated Payloads at least bind payload opens
> > shellport. Is there a Payload which will work with dep enabled ?
>
> Those executables should work with DEP - thats what the VirtualProtect is 
> supposed to fix. 

I've retestet and under win xp sp 2 german using dep none of the
executables work. No network traffic is generated, seems like payload
won't be executed. Even Special DEP ones won't work. When creating a dep
exception for payload executables then those work fine and exploit works.

> > I remember staged payloads won't run as standalone executables, right ?
>
> Staged payloads work fine as executables, you just have to handle the 
> staging once connected (using exploit/multi/handler).

right, tested that and it works all like charme ( when deactivating dep ).

> -HD
>
>
> _______________________________________________
> http://spool.metasploit.com/mailman/listinfo/framework