Metasploit mailing list archives

Shikata Ga Nai


From: metasploit at grymoire.com (Grymoire)
Date: Tue, 14 Apr 2009 11:52:10 -0400


I am having a problem getting the shikata ga nai encoder to work.
It works when I use exploit/windows/smb/ms04-007-killbill

However, I am trying to get it to work with an HTTP-based exploit.
I get the "Exploit failed: No encoders encoded the buffer successfully."

For example, the apache_modjk_overflow exploit has 4000 bytes available.
Yet shikata ga nai can't be encoded.

I wrote a script to try ALL of the http exploits, and none of them
work. They all give me the same error.

Details:

I used
./msfpescan --context-map context ws2help.dll
This generated the error:
                ./lib/rex/pescan/analyze.rb:250:in 'scan': undefined method 'mkdir_p' for Rex::FileUtils:Module (NoMethodError)

which I fixed by changing 
                FileUtils.mkdir_p(dest)
to
                ::FileUtils.mkdir_p(dest)




Then I did in shell
                msfpescan --context-map context ws2help.dll
                cat context/* >exploit.map
Then in msf
                use exploit/windows/http/apache_modjk_overflow
                set PAYLOAD windows/shell_bind_tcp
                set ENCODER x86/shikata_ga_nai
                set EnableContextEncoding 1
                set ContextInformationFile exploit.map
                exploit

And I get the error. 
All of the http exploits get the same error.

Any suggestions?
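
The `FileUtils` to `::FileUtils` change described in the message above comes down to Ruby's lexical constant lookup. The following is an added example, not part of the original post and not the framework's own code; the `Rex` module here is a constructed stand-in, and `DemoScanner`, `demo_helper` and `demo_lookup` are hypothetical names.

```ruby
require 'fileutils'
require 'tmpdir'

# Constructed stand-in: a module named FileUtils nested inside Rex that
# does not define mkdir_p, matching the receiver named in the error text.
module Rex
  module FileUtils
    def self.demo_helper; end # hypothetical placeholder method
  end

  module DemoScanner
    # Unqualified name: lookup walks the enclosing scopes (Rex::DemoScanner,
    # then Rex) and finds Rex::FileUtils before the standard library module.
    def self.make_dir_unqualified(dest)
      FileUtils.mkdir_p(dest)
    end

    # Leading :: starts the lookup at the top level, so this reaches the
    # standard library FileUtils loaded by require 'fileutils'.
    def self.make_dir_qualified(dest)
      ::FileUtils.mkdir_p(dest)
    end

    # Returns whichever module the bare name resolves to in this scope.
    def self.resolved_constant
      FileUtils
    end
  end
end

# Runs both variants against a temporary directory and reports the outcome.
def demo_lookup
  Dir.mktmpdir do |tmp|
    dest = File.join(tmp, 'context')
    error = begin
      Rex::DemoScanner.make_dir_unqualified(dest)
      nil
    rescue NoMethodError => e
      e
    end
    Rex::DemoScanner.make_dir_qualified(dest)
    { resolved: Rex::DemoScanner.resolved_constant,
      error: error,
      created: File.directory?(dest) }
  end
end

p demo_lookup if __FILE__ == $PROGRAM_NAME
```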





