Bad Characters and Remote Code Execution

Well, that certainly wasn’t expected: The exploit completes but no session is created. If you check your debugger, you’ll see that the application didn’t even crash—so what happened? Welcome to the sometimes challenging and nearly always frustrating world of bad characters. Some characters, when sent as part of an exploit buffer, get mangled while being read by the application. The unfortunate result is that bad characters render your shellcode, and sometimes the entire exploit, unusable.

When writing a Metasploit module, you should always be sure to identify all the bad characters, because the shellcode that Metasploit generates differs each time an exploit is launched, and any rogue bad characters will ...

Get Metasploit now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.