Metasploit mailing list archives
need help porting exploit to win2k
From: jerome.athias at free.fr (Jerome Athias)
Date: Wed, 29 Aug 2007 15:27:32 +0200
hi Thomas,

you should try to search in USER32.DLL ;-)
https://www.securinfos.info/international-opcodes/OPcodes_LIST_Windows_2000_Server_SP4_USER32.DLL.html

0x77DF4C29

Good luck
/JA
SecurInfos.info

Thomas Werth wrote:
Dear List,

I'm trying to port a test exploit towards win2k sp4 german. I'm looking for a jmp esp. I didn't find one in msf web opcode. So I used msfpescan like this

msfpescan -j esp /mnt/hgfs/ntdll.dll

and got:

[/mnt/hgfs/ntdll.dll]
0x778b5a22 push esp; ret
[/mnt/hgfs/KERNEL32.DLL]
0x77ea5570 push esp; retn 0xfffd
[/mnt/hgfs/ws2_32.dll]
0x74fa1dce push esp; ret

When using this as retVal, the exploit fails and the target app crashes. Am I doing something wrong?

thx
Thomas