Shrink the size of ms08_067 so that it again works with bind_tcp

In #6283, we discovered that ms08_067 was busted with reverse_tcp. The
solution was to bump the amount of space needed to help with encoding.
However, we flew a little too close to the sun, and introduced a
regression with bind_tcp on Windows XP SP2 EN where the payload stages
but does not run.

This shrinks the payload just enough to make bind_tcp work again, but
reverse_tcp also continues to work as expected.
bug/bundler_fix
Brent Cook 2016-01-21 19:37:09 -06:00
parent ceb2eb7ffe
commit dc6dd55fe4
1 changed files with 1 additions and 1 deletions

@ -47,7 +47,7 @@ class Metasploit3 < Msf::Exploit::Remote
'Privileged' => true,
'Payload' =>
{
'Space' => 410,
'Space' => 408,
'BadChars' => "\x00\x0a\x0d\x5c\x5f\x2f\x2e\x40",
'Prepend' => "\x81\xE4\xF0\xFF\xFF\xFF", # stack alignment
'StackAdjustment' => -3500,
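
Review bot: The 'Space' => 408 value is an unexplained magic number. The 'Prepend' line just below carries a comment, but nothing on the 'Space' line records why it is 408 and not 410. Per the commit message, 410 lets bind_tcp stage without running on Windows XP SP2 EN, and the value had been raised in #6283 to get reverse_tcp encoding to fit, so the working window is narrow and was found empirically. Suggest an inline comment on the 'Space' line stating both constraints and the target they were tested on, so that a later bump for encoder room does not reintroduce the bind_tcp regression.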