MS08-067 Win2K3 German lang. support

[christopher.riley at r-it.at (christopher.riley at r-it.at)]

Sorry it's taken such a long time to get back to you on this, been a wild 
few weeks.

I took a look to make sure I'm not going crazy, but Windows 2003 doesn't 
seem to have the acgeneral.dll (only Windows XP).

Any pointers, or more information on Brett Moore's bypass technique. It's 
hard to recreate with the notes in the Ruby code alone.

Chris John Riley

framework-bounces at spool.metasploit.com@inet wrote on 13.04.2009 01:02:14:

> On Mon, 2009-04-13 at 00:03 +0200, christopher.riley at r-it.at wrote:
> > Also what can I do to recreate the NX bypass for the German version.
> > Its not going to be as simple as the NO NX stuff I'm sure. 
>
> Thanks for looking into it - to get the DisableNX address, use the
> following command:
>
> $ msfpescan -r "\x6A\x04\x8D\x45\x08\x50\x6A\x22\x6A\xFF" acgenral.dll
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework


----------------------------------------
Raiffeisen Informatik GmbH, Firmenbuchnr. 88239p, Handelsgericht Wien, DVR 0486809, UID ATU 16351908

Der Austausch von Nachrichten mit oben angefuehrtem Absender via E-Mail dient ausschliesslich Informationszwecken. 
Rechtsgeschaeftliche Erklaerungen duerfen ueber dieses Medium nicht ausgetauscht werden. 
Correspondence with above mentioned sender via e-mail is only for information purposes. This medium may not be used for 
exchange of legally-binding communications.
----------------------------------------