Metasploit mailing list archives

Raw payload works, but encoded version doesn't

From: hdm at metasploit.com (H D Moore)
Date: Fri, 18 May 2007 08:06:30 -0500

Try prefixing a stub that clears some stack space -- many of the encoders 
assume eip != esp and run into trouble if thats the case. A nice add 
esp,-3500 (or the 'StackAdjustment' => -3500 line in the Payload info 
hash of the module) will solve this.

-HD

On Friday 18 May 2007 00:26, Whit wrote:

Any thoughts?

Current thread:

Raw payload works, but encoded version doesn't Whit (May 17)
- Raw payload works, but encoded version doesn't mmiller at hick.org (May 17)
- Raw payload works, but encoded version doesn't Pranay Kanwar (May 18)
- Raw payload works, but encoded version doesn't H D Moore (May 18)