Re: Metasploit's Encoder failure for with Apache Mod_Rewrite Off-By-One Buffer Overflow Vulnerability

[pasquale imperato <slashbackpt () gmail com>]

Hi!
I remember I had some problems with some payloads in the last version
of metasploit.
Which release are u using?
In general, I use shikata_ga_nai encoder, but if u still have problems
try to use an older release of msf and see if it works.



On Sat, Mar 20, 2010 at 1:24 PM, Jacky Jack <jacksonsmth698 () gmail com> wrote:
> Hi all
>
> Can anyone  provide a working successful PAYLOAD encoding method of
> Metasploit for Apache Mod_Rewrite Off-By-One Buffer Overflow
> Vulnerability?
> I've tried several things but have had no success.
>
> Exploit failed: No encoders encoded the buffer successfully.
>
> I know the reasons:
>
>   1. The Encoded Payload size generated is exceeding the limit of
>      payload space available for that particular exploit.
>   2. There could be some bad characters present in the Encoded Payload.
>
> But couldn't figure the working Payload.
>
> Thank you all.
>
> ------------------------------------------------------------------------
> This list is sponsored by: Information Assurance Certification Review Board
>
> Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
> and CEPT certs require a full practical examination in order to become certified.
>
> http://www.iacertification.org
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------