[framework] strange problem with network enabled payloads

arahzone-msf at yahoo.com arahzone-msf at yahoo.com
Mon May 15 13:27:30 CDT 2006


Hi,

I have created a simple program that listens on a socket and copies (strcpy) the received data to another buffer that is smaller than the buffer used in receive(). I am able to use payloads that don't use winsock, such as "execute command", successfully, but all payloads that use Winsock crash. I have debugged the complete process: the payload is copied correctly to the target buffer on the stack and the execution flow is redirected to the beginning of the payload. The problem is just after the Loadlibrary(ws_32). This call returns the correct address of ws_32.dll, but the next call contains an ADD [DS:EAX],AL and I have an access violation on this instruction. As the "execute command" payload works correctly and I am redirecting the execution flow exactly at the beginning of the payload, I really don't know what is going wrong. Is there anyone who could tell me what the problem is? I should add that I am using msweb to generate and encode the payload, but I use my own python script to send it to the vulnerable program. Is there any register initialization that should be done before executing these payloads? Last thing to say is that my own download and execute payload works.

Thanks in advance
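An added example, not from the poster or the framework, showing the check that separates the listener described above from a hardened one: the overflow exists because strcpy() trusts the sender's NUL terminator instead of the destination size, so the fix is to bound the copy by the stack buffer. The buffer sizes (1024-byte receive buffer, 64-byte working buffer) are assumed for illustration, and the socket is replaced by an in-memory byte string so the code runs offline.

```c
#include <stddef.h>
#include <string.h>

#define RECV_BUF 1024   /* assumed size of the buffer handed to recv() */
#define CMD_BUF    64   /* assumed smaller working buffer on the stack */

/* Hardened handler: the original pattern was strcpy(cmd, data), which
 * copies until the first NUL regardless of sizeof cmd. Here the copy is
 * bounded by the destination and oversized input is rejected outright.
 * Returns the number of bytes accepted, or -1 if the request is refused. */
int handle_request(const char *data, size_t len)
{
    char cmd[CMD_BUF];

    if (data == NULL || len >= sizeof cmd)   /* keep one byte for the NUL */
        return -1;
    memcpy(cmd, data, len);
    cmd[len] = '\0';
    /* ... process cmd here; it is always NUL-terminated and in bounds ... */
    return (int)len;
}

/* Constructed input: simulate a client that sends n bytes of 'A' into the
 * receive buffer (capped at RECV_BUF), then hands them to the handler. */
int check_oversize(size_t n)
{
    char recvbuf[RECV_BUF];

    if (n > sizeof recvbuf)
        n = sizeof recvbuf;
    memset(recvbuf, 'A', n);
    return handle_request(recvbuf, n);
}

int main(void)
{
    /* A 63-byte request fits; 64 or more would have overrun cmd[]. */
    return (check_oversize(63) == 63 && check_oversize(64) == -1) ? 0 : 1;
}
```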
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://spool.metasploit.com/pipermail/framework/attachments/20060515/59d886f8/attachment.htm 
