Metasploit mailing list archives

Payload Bugs ?

From: jms at bughunter.ca (J. M. Seitz)
Date: Tue, 28 Aug 2007 23:04:25 -0700

I think a simple:

sub esp,3500 

Would do it, prepend to your shellcode. 

JS

-----Original Message-----
From: Thomas Werth [mailto:security at vahle.de] 
Sent: Tuesday, August 28, 2007 10:50 PM
To: framework at metasploit.com
Subject: Re: [framework] Payload Bugs ?

Patrick Webster schrieb:

I assume your german return address is correct.

Try using a shellcode with a stack adjustment of -3500.

Otherwise your payload may be using bad characters which are not 
accepted, or the payload code is changed by other

instructions before

you execute, by the target application?

-Patrick


How exactly can i do this ? This sounds really interessting, 
but i didn't find a "Adjust Stack for dummies guide" ;) Can 
you gimme a small example ?

Current thread:

Payload Bugs ? Thomas Werth (Aug 28)
- Payload Bugs ? H D Moore (Aug 28)
  - Payload Bugs ? Patrick Webster (Aug 28)
    - Payload Bugs ? Thomas Werth (Aug 28)
    - Payload Bugs ? J. M. Seitz (Aug 28)
    - Payload Bugs ? Thomas Werth (Aug 28)
    - Payload Bugs ? J. M. Seitz (Aug 29)
    - Payload Bugs ? Thomas Werth (Aug 29)
    - Payload Bugs ? Thomas Werth (Aug 29)
    - Payload Bugs ? Jerome Athias (Aug 29)
    - need help porting exploit to win2k Thomas Werth (Aug 29)
    - need help porting exploit to win2k Jerome Athias (Aug 29)
    - need help porting exploit to win2k Thomas Werth (Aug 29)
  - Payload Bugs ? Thomas Werth (Aug 28)