Metasploit mailing list archives

MSF and Windows SP3 (solved)


From: mmiller at hick.org (mmiller at hick.org)
Date: Wed, 4 Jun 2008 09:16:51 -0700

Are you testing this using the latest bits in trunk?  If so, try doing
'setg DisableStageEncoding 1' and see if the problem still happens.  

On Wed, Jun 04, 2008 at 10:47:12AM +0200, Thomas Werth wrote:
H D Moore wrote:
ESP is too close to EIP for the stagers to work properly. You will need to 
add a 'StackAdjustment' => -3500 or similar in the Payload section of the 
exploit module.

On Wednesday 04 June 2008, Thomas Werth wrote:
Stack[00000F24]:0012EC84 db  84h ; ?  <---------- ESP
Stack[00000F24]:0012EC8C db    0  <--------- EIP

Well, I already have such a definition in the payload object
'Payload'        =>
         {
             'Space'    => 991,
             'BadChars' => "\x00",
             'StackAdjustment' => -3500,
          },

Changing it to -7500 or 5000 or removing it doesn't help either.
Any hints?