Metasploit mailing list archives
Unencoded payload works fine, but encoded payload crashes.
From: Jordan Trover <shurimaxx () hotmail com>
Date: Tue, 26 Jul 2011 23:10:12 -0400
I didn't know where to ask for help on this, but I thought here would be the best place to ask. I started learning MASM a few days ago, and I wanted to test executing some payloads from Metasploit with MASM.

Here's the code: http://pastie.org/private/oyfaky8xttqllgfjlaopzg

You can see there are two payloads there. The first one (commented) is an unencoded payload I generated with:

~$ msfpayload windows/exec CMD=calc.exe EXITFUNC=none C

This one works fine, but when I try encoding the payload (the second uncommented payload in the code) with:

~$ msfpayload windows/exec CMD=calc.exe EXITFUNC=none R | msfencode -t c

The compiled binary crashes when executing it. It seems to be because of a memory access violation. I loaded it into a debugger and the instruction where it crashes is:

XOR DWORD PTR DS:[ESI+17],EAX

But ESI is 00000000 at that moment.

I hope someone could help me figure out how I can run the encoded payload just like I do with the normal unencoded version. Thanks.
Current thread:
- Unencoded payload works fine, but encoded payload crashes. Jordan Trover (Jul 26)
- Re: Unencoded payload works fine, but encoded payload crashes. scriptjunkie (Jul 27)