[framework] Exploit::Remote::HttpClient and stages
Olivier Dembour
Olivier.Dembour at hsc.fr
Fri Mar 9 03:24:29 CST 2007
Hi,
I've seen that pipelining is not yet finished on msf 3, so I don't know if the
feature I'm looking for is to be implemented ...
I'd like to use Exploit::Remote::HttpClient class to develop an exploit (buffer
overflow), but there is two problems :
- socket is shutdowned after the request
- send_request_raw() try to get the reply, but the server is already overflow
(there is no reply)
I can fix the second problem by calling directly send_request (class Client). So
I don't read anymore the reply. But I want to use stages payload, so the socket
must be keep opened.
What's the good way to do this ? I can use Exploit::Remote::Tcp functions but I
will not inherit HTTP features
--
Olivier Dembour ++ Olivier.Dembour at hsc.fr
Hervé Schauer Consultants -- http://www.hsc.fr/
More information about the framework
mailing list