Penetration Testing mailing list archives

Metasploit's Encoder failure for with Apache Mod_Rewrite Off-By-One Buffer Overflow Vulnerability

From: Jacky Jack <jacksonsmth698 () gmail com>
Date: Sat, 20 Mar 2010 21:24:33 +0800

Hi all

Can anyone  provide a working successful PAYLOAD encoding method of
Metasploit for Apache Mod_Rewrite Off-By-One Buffer Overflow
Vulnerability?
I've tried several things but have had no success.

Exploit failed: No encoders encoded the buffer successfully.

I know the reasons:

   1. The Encoded Payload size generated is exceeding the limit of
      payload space available for that particular exploit.
   2. There could be some bad characters present in the Encoded Payload.

But couldn't figure the working Payload.

Thank you all.

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified.

http://www.iacertification.org
------------------------------------------------------------------------

Current thread:

Metasploit's Encoder failure for with Apache Mod_Rewrite Off-By-One Buffer Overflow Vulnerability Jacky Jack (Mar 23)
- Re: Metasploit's Encoder failure for with Apache Mod_Rewrite Off-By-One Buffer Overflow Vulnerability pasquale imperato (Mar 25)