[framework] EBX and EDI overwrite instead of EAX and EIP
H D Moore
hdm at metasploit.com
Mon Oct 23 17:30:06 CDT 2006
The important part is what operation is performed with EBX and EDI. Can
you paste the actual operation and the register states?
-HD
On Monday 23 October 2006 16:20, Greg Linares wrote:
> [x90 Sled] [Shell Code] [EDI overwrite (JMP to EAX + Location of
> Shellcode)] [EBX overwrite (JMP to EDI)]
> I am assuming this is an exploitable vector but I could be wrong. Am I
> on the right path for this type of issue?