Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Dealing with EWF (Enhanced Write Filter)

From: javatard <javatard () gmail com>
Date: Mon, 5 Apr 2010 10:26:34 -0400
Dear Lord, that was just too easy. I was over thinking it all. Once I had a
shell, I was able to disable EWF with no problems. I suppose I should have
tried that first instead of looking for a magic "pill" to get access to the
C: drive.

On Sun, Apr 4, 2010 at 8:47 PM, javatard <javatard () gmail com> wrote:


I have a test machine that I know is vulnerable to many things MS08-067
being just one. I have been successful in exploiting the test VM, but once I
enable EWF, I just end up crashing the virtual machine. I assume this is due
to EWF taking any changes that would be made to the machine and "writing"
the changes in RAM. So, I seem to be able to crash the machine just fine,
but I want to be able to circumvent EWF.
Does anyone have experience with working against EWF?

--
But that's just my opinion, I could be wrong.





-- 
But that's just my opinion, I could be wrong.

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: