Metasploit mailing list archives

Re: Finding Bad Characters?


From: egypt () metasploit com
Date: Thu, 17 Feb 2011 10:00:53 -0700

Our wiki page on writing exploit modules has some useful stuff about
badchars: https://www.metasploit.com/redmine/projects/framework/wiki/ExploitModuleDev#Illegal-Characters

You might also want to look into using the byakugan plugin for windbg:
https://www.metasploit.com/redmine/projects/framework/repository/show/external/source/byakugan

Hope this helped,
egypt


On Thu, Feb 17, 2011 at 9:54 AM, John Nash <rootsecurityfreak () gmail com> wrote:
Thanks for the link! Yes, I have but at times it becomes very
difficult to compare memory locations manually.

Also, times when our input gets modified, it gets even more difficult
to do this.

Even if not automated, maybe a tool or a plugin for Immunity/Olly to
make this easier?

JN



On Thu, Feb 17, 2011 at 10:11 PM, Craig Freyman <craigfreyman () gmail com> wrote:
I don't have an automated way but have you seen this?
http://en.wikibooks.org/wiki/Metasploit/WritingWindowsExploit#Dealing_with_badchars

On Thu, Feb 17, 2011 at 9:35 AM, John Nash <rootsecurityfreak () gmail com>
wrote:

Hello All,

Just dived into exploit research and finding bad characters is killing me!

Can someone point me to a good document / methodology / automated way
to find bad characters?

Any help will be greatly appreciated!

Rgds,

JN
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

