Metasploit mailing list archives
Locale in non-English exploit shell
From: hdm at metasploit.com (H D Moore)
Date: Wed, 12 Nov 2008 10:56:00 -0600
Great feedback -- to be able to code this properly, we need a way to detect the remote code page. One trouble we have with using the Iconv calls is that they can crash/break when invalid unicode characters are present in the stream. This is the reason why MSFGUI is so poor at handling non-english locales. The easiest way to implement this would be a new advanced option for all payloads with an interactive shell. Can we assume the metasploit-side code page is always going to be UTF-8? I should have Russian language versions of XP/2003 to test, but it may take a while to get this running. Thanks! -HD On Wednesday 12 November 2008, Vladimir Yakovlev wrote:
When you explit non-English Windows, some text appear in wrong charset. On russain Windows cmd.exe runs in cp866, meterpeter in cp1251. My Linux box run on UTF-8. So i needed recode cp866->UTF-8 in bindshell, and cp1251->UTF-8 in meterpeter. To cd/download/... non-english dirs all commands must be transcoded back. So whai is my patch. Charsets are hardcoded. Good idea is place charsets in config, or autodetect from windows version. svn diff
Current thread:
- Locale in non-English exploit shell Vladimir Yakovlev (Nov 12)
- Locale in non-English exploit shell H D Moore (Nov 12)
- Locale in non-English exploit shell Vladimir Yakovlev (Nov 12)
- Locale in non-English exploit shell H D Moore (Nov 14)
- Locale in non-English exploit shell takuan (Nov 14)
- Locale in non-English exploit shell H D Moore (Nov 12)