[framework] Using encoded payload in executable

mmiller at hick.org mmiller at hick.org
Thu Jun 7 15:57:06 CDT 2007


On Thu, Jun 07, 2007 at 10:43:17AM +0200, C0r3 1mp4ct wrote:
> Hi List!
> 
> I tried to use the output of "./msfpayload -e windows/x86/exec CMD=cmd
> EXITFUNC=process R | ./msfencode -e x86/avoid_utf8_tolower c" in a C
> program that executes it by simply transferring the control to the
> string buffer containing the encoded payload. The payload is generated
> on Fedora Core 6.

The avoid_utf8_tolower encoder may require some additional parameters in
order for it to be used correctly.  This specific encoder does not have
a getpc stub, and therefore relies on a certain register holding the
address of the encoded payload (including the decoder stub).  The
decoder stub is hardcoded to assume that ecx will hold the address.

Does your vulnerability require you to use this specific encoder?


