Using msfpescan

In the previous section, we found the DLL modules associated with the vulnerable application. Either we can use the Immunity Debugger to find the address of the JMP ESP instructions, which is a lengthy and time-consuming process, or we can use msfpescan to search the addresses for the JMP ESP instructions from a DLL file, which is a much faster process and eliminates manual searching.

Running msfpescan gives us the following output:

Utilities such as msfbinscan and msfrop may not be present in the default Metasploit installation that is shipped with Kali Linux. Switch to Ubuntu and install Metasploit manually to obtain these ...

Get Mastering Metasploit - Third Edition now with the O’Reilly learning platform.

O’Reilly members experience live online training, plus books, videos, and digital content from nearly 200 publishers.