Metasploit mailing list archives
Exploiting non-English Windows
From: bambam.quiescence at googlemail.com (bambam)
Date: Thu, 7 Feb 2008 14:38:18 +0000
Yeah, basically some exploits require different return addresses since the locale-specific binary releases of executable modules obviously have different offsets with lengths of strings and sometimes other changes. Some exploits are universal, and with the high quality of exploits coming out of Metasploit from HD et al. it's never a problem. In fact, I haven't had to lift a god-damn finger in over a year. Have a look through the targets for some of the older Windows exploits and you will see some non-English targets.

bambam

On Feb 7, 2008 6:47 AM, . <takuan4 at gmail.com> wrote:
> May I ask what is the current status on exploiting Windows programs with different locales? I think it would be great if the framework had capabilities such as remote language fingerprinting, or at least being able to specify the right opcodes for different locales during exploitation. I know that Mr. Jerome Athias has been working on creating a database of opcodes for different locales. Does anyone know the progress of this and if it is going to be incorporated into MSF?
>
> Cheers,
> Takuan