[framework] EBX and EDI overwrite instead of EAX and EIP

H D Moore hdm at metasploit.com
Mon Oct 23 17:54:00 CDT 2006

Previous message: [framework] EBX and EDI overwrite instead of EAX and EIP
Next message: [framework] EBX and EDI overwrite instead of EAX and EIP
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

While the register dumps are great, we need to see the actual opcode being 
executed with these registers. This should look something like:

mov [ebx], edi

-HD

On Monday 23 October 2006 17:47, Greg Linares wrote:
> EIP 7C91B3FB ntdll.7C91B3FB

Previous message: [framework] EBX and EDI overwrite instead of EAX and EIP
Next message: [framework] EBX and EDI overwrite instead of EAX and EIP
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the framework mailing list