Bad Characters and Remote Code Execution

Well, that certainly wasn’t expected: The exploit completes but no session is created. If you check your debugger, you’ll see that the application didn’t even crash—so what happened? Welcome to the sometimes challenging and nearly always frustrating world of bad characters. Some characters, when sent as part of an exploit buffer, get mangled while being read by the application. The unfortunate result is that bad characters render your shellcode, and sometimes the entire exploit, unusable.

When writing a Metasploit module, you should always be sure to identify all the bad characters, because the shellcode that Metasploit generates differs each time an exploit is launched, and any rogue bad characters will ...
