[framework] access payload variable with non default encoder
Joe Owler
joe2owl at yahoo.com
Wed Dec 26 08:47:53 CST 2007
Thanks for you help. Tried that and looks better, but still I have few characters that arent alphanumeric at the beginning of the buffer, what could they be ?
This should be standard windows/exec payload executing calc.exe encoded with AlphanumMixed
...?áÚÀÙqô^VYIIIIIIIIIICCCCCC7QZjAXP0A0AkAAQ2AB2BB0BBABXP8ABuJIKLJHQTC0C0C0LKPEGLLKCLEUCHEQJOLKPOB8LKQOGPC1JKPILKGDLKC1JNFQIPMINLMTIPBTC7IQHJDMEQHBJKJTGKPTGTDDCEM5LKQOQ4C1JKBFLKDLPKLKQOELEQJKLKELLKEQJKLIQLFDDDISQOP1KFCPQFCTLKG6P0LKG0DLLKD0ELNMLKCXDHK9KHMSIPCZF0BHL0LJDDQOCXLXKNMZDNPWKOJGE3E1BLCSFNBED8CUEPAA
Am I missing something ?
----- Original Message ----
From: H D Moore <hdm at metasploit.com>
To: framework at metasploit.com
Sent: Monday, December 24, 2007 12:27:09 PM
Subject: Re: [framework] access payload variable with non default encoder
Add the following line to the Payload block:
'DisableNops' => true
-HD
On Monday 24 December 2007, Joe Owler wrote:
> How can I disable NOP sled ?
____________________________________________________________________________________
Looking for last minute shopping deals?
Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://spool.metasploit.com/pipermail/framework/attachments/20071226/0e923cd7/attachment.htm
More information about the framework
mailing list