Home page logo
/

metasploit logo Metasploit mailing list archives

Re: WinExec payload?
From: Jose Selvi <jselvi () pentester es>
Date: Wed, 18 May 2011 08:00:49 +0200

Are you using a debugger with the service you're exploiting?
Maybe you're not catching the interruption.

El 18/05/11 07:38, Jun Koi escribió:
hi,

i am using payload WinExec to test one vulnerable application (the
exploitation also comes from metasploit)

before launching the exploit, i put 2 breakpoints on WinExec and
GetProcAddress function of this application.
then i run the exploit, and it successes.

however, the problem is none of my breakpoints were triggered. this is a
surprise to me, as i supposed that the payload cannot work without using
these 2 functions. clearly i missed something there!

could anybody please tell me why this happens?

thanks a lot,
Jun

-- 
Jose Selvi.
Security Technical Consultant
CISA, CISSP, CNAP, GCIH, GPEN

http://www.pentester.es

SANS Mentor in Madrid (Spain). September 23 - November 25
SEC560: Network Penetration Testing and Ethical Hacking
http://www.sans.org/mentor/details.php?nid=24133
http://www.pentester.es/2010/12/nuevo-grupo-y-descuento-para-network.html
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault