Metasploit mailing list archives
pattern_offset
From: hdm at metasploit.com (H D Moore)
Date: Wed, 21 Jan 2009 23:01:02 -0600
Your buffer is not overwriting the return address, something else is (or the buffer is being mangled). Try looking around in memory to find the string you sent (windbg 's' command, etc) and see how it is being transformed. When in doubt, send more data ;-)

On Thu, 2009-01-22 at 04:23 +0000, Ricardo F. Teixeira wrote:
> I tried pattern_create.rb with the values 72 and 220. With 72 it returns the same address, and with 220 it returns 0x6f343d2d.
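
A way to check a reported register value against the pattern, as an added example that is not part of the original post and is not Metasploit's own code. It assumes the default uppercase/lowercase/digit pattern sets and a 32-bit little-endian target; `make_pattern`, `register_bytes` and `diagnose` are hypothetical names. For 0x6f343d2d the in-memory bytes are `-=4o`, and `-` and `=` never occur in such a pattern.

```ruby
# Added example: minimal cyclic pattern (Aa0Aa1Aa2...) and a lookup that
# explains why a value is NOT found. Assumes the default three character sets.
UPPER = ('A'..'Z').to_a
LOWER = ('a'..'z').to_a
DIGIT = ('0'..'9').to_a

# Build `length` bytes of the upper/lower/digit pattern.
def make_pattern(length)
  buf = String.new # binary string, compared byte-wise below
  UPPER.each do |u|
    LOWER.each do |l|
      DIGIT.each do |d|
        buf << u << l << d
        return buf[0, length] if buf.length >= length
      end
    end
  end
  buf[0, length]
end

# A 32-bit register value as the 4 bytes laid out in little-endian memory.
def register_bytes(value)
  [value].pack('V')
end

# Classify a register value against a pattern of the given length:
#   [:offset, n]                 bytes found at offset n
#   [:outside_alphabet, chars]   bytes the pattern can never contain, so the
#                                data was transformed or came from elsewhere
#   [:not_in_pattern, nil]       valid characters, but no such sequence
def diagnose(value, length)
  bytes = register_bytes(value)
  idx = make_pattern(length).index(bytes)
  return [:offset, idx] if idx

  alphabet = UPPER + LOWER + DIGIT
  bad = bytes.chars.reject { |c| alphabet.include?(c) }
  bad.empty? ? [:not_in_pattern, nil] : [:outside_alphabet, bad]
end

if __FILE__ == $PROGRAM_NAME
  p diagnose(0x6f343d2d, 220) # value reported in the thread
  p diagnose(0x41326341, 220) # constructed value taken from a clean pattern
end
```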