Metasploit mailing list archives
Svchost crash after using ReflectiveVNCinject payload.
From: hdm at metasploit.com (H D Moore)
Date: Sun, 23 Nov 2008 18:15:22 -0600
In general, we don't support multiple successful exploit attempts with memory corruption modules; sometimes it works out, but often there is some kind of process garbage that breaks further attempts to hit the same process. We do try to use ExitThread() when possible to prevent the entire service from dying, but even that is hit-or-miss (if the shellcode crashes before it exits out, that fails too). -HD On Sunday 23 November 2008, ???????? wrote:
Using of payload/windows/reflectivevncinject/reverse_tcp with ms08_067_netapi exploit cause svchost.exe crash on Windows XP SP3 English after second use. Event from exploited pc follows: Faulting application svchost.exe, version 5.1.2600.5512, faulting module ntdll.dll, version 5.1.2600.5594, fault address 0x00028bed.
Current thread:
- Svchost crash after using ReflectiveVNCinject payload. Вячеслав (Nov 23)
- Svchost crash after using ReflectiveVNCinject payload. H D Moore (Nov 23)