dllinject/libloader.c modifications

[michael.artz at redjack.com (Michael Artz)]

I'm a new MSF user, so I've been tinkering about with some of the  
internals to get a feel for how it works, but I've run into some  
trouble rebuilding the dllinject payload.  I can successfully compile  
libloader.c (via the command-line in the comments) and get it to  
generate the exact shellcode in the existing dllinject.rb, however any  
modifications that I make to loader2_main result in non-working  
shellcode.  Something as simple as declaring a new variable no worky.

I'm currently testing this by running an msfpayload of meterpreter/ 
bind_tcp on a WinXP box and using multi/handler from my Mac.  As soon  
as the stage gets uploaded, the process dies.

So, two questions:
   - Is there anything special that I need to do to be able to modify  
loader2_main in libloader.c to make it generate valid shellcode?  I  
was hoping that I could just edit and compile, however that doesn't  
seem to be working for me, which could be a function of my edits.
   - If it does seem to be my edits, what is the best way to test/ 
debug the shellcode?  The included srv.exe?

Thanks for any help,

-Mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5394 bytes
Desc: not available
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090330/b956e84b/attachment.bin>