mailing list archives
Re: WinExec payload?
From: Jun Koi <junkoi2004 () gmail com>
Date: Wed, 18 May 2011 14:33:34 +0800
On Wed, May 18, 2011 at 2:00 PM, Jose Selvi <jselvi () pentester es> wrote:
Are you using a debugger with the service you're exploiting?
yes, i do.
Maybe you're not catching the interruption.
i dont think so, because that should not happen.
El 18/05/11 07:38, Jun Koi escribió:
i am using payload WinExec to test one vulnerable application (the
exploitation also comes from metasploit)
before launching the exploit, i put 2 breakpoints on WinExec and
GetProcAddress function of this application.
then i run the exploit, and it successes.
however, the problem is none of my breakpoints were triggered. this is a
surprise to me, as i supposed that the payload cannot work without using
these 2 functions. clearly i missed something there!
could anybody please tell me why this happens?
thanks a lot,
Security Technical Consultant
CISA, CISSP, CNAP, GCIH, GPEN
SANS Mentor in Madrid (Spain). September 23 - November 25
SEC560: Network Penetration Testing and Ethical Hacking