[framework] Encoder(?) problems.
Reth
reth at smashthestates.net
Sat Jun 30 23:57:16 CDT 2007
No luck.
The payload is located on the heap, with 512 bytes allocated. The buffer
isn't free()'d or realloc()'d. DisableNops is set to true, as a .dtors
entry is overwritten with a pointer which points directly to the
beginning of the encoded payload. I have also tried it with Nops. The
heap is non-randomized and executable, same with the stack.
Any more ideas?
-Reth
PS. Thanks for the fast response.
On Sat, Jun 30, 2007 at 11:08:39PM -0500, H D Moore wrote:
> The payload decoders assume the stack is in a usable state. This can be
> problematic when the program counter is really close to the stack
> pointer. The solution for this is to add the 'StackAdjustment' => -3500
> line to the Payload section of the module's information block.