Metasploit mailing list archives
Re: Why metasploit's exploits fails inside Qemu?
From: Jun Koi <junkoi2004 () gmail com>
Date: Tue, 21 Sep 2010 23:04:27 +0700
On Tue, Sep 21, 2010 at 9:09 PM, Jun Koi <junkoi2004 () gmail com> wrote:
> hi,
>
> using metasploit, i created a vulnerable PDF file (using exploits like modules/exploits/windows/fileformat/adobe_geticon.rb). as a result, i have a PDF file, which is working perfectly with my old Adobe Reader inside my Virtual Machine.
>
> I tried to open my PDF file inside 2 VMs: one is a KVM machine, one is a QEMU+KQemu machine. both work perfectly.
>
> However, if i open the same PDF file in another VM running pure QEMU (which means i run Qemu without KVM or KQEMU as accelerator), the exploitation doesn't work anymore: the process looks like it hangs.
>
> i tried other exploits inside modules/exploits/windows/fileformat/, and have the same conclusion: while these exploits work very well with QEMU+KVM or QEMU+KQemu, they never work inside pure Qemu.
>
> i googled around, and found that other people have similar experience: http://www.cs.uaf.edu/2006/spring/cs493/hw/hw4.html
>
> does anybody know why we have this problem, or even better, know how to fix this (so the exploitation can work inside a pure Qemu VM)?

perhaps Metasploit fails to work inside Qemu because Metasploit shellcode is doing some special tricks that Qemu fails to emulate correctly?

any idea?

thanks,
Jun