metasploit-framework May 2011 archive
Main Archive Page > Month Archives  > metasploit-framework archives
metasploit-framework: Re: [framework] WinExec payload?

Re: [framework] WinExec payload?

From: Jose Selvi <jselvi_at_nospam>
Date: Wed May 18 2011 - 06:00:49 GMT
To: framework@spool.metasploit.com

Are you using a debugger with the service you're exploiting?
Maybe you're not catching the interruption.

El 18/05/11 07:38, Jun Koi escribió:
> hi,
>
> i am using payload WinExec to test one vulnerable application (the
> exploitation also comes from metasploit)
>
> before launching the exploit, i put 2 breakpoints on WinExec and
> GetProcAddress function of this application.
> then i run the exploit, and it successes.
>
> however, the problem is none of my breakpoints were triggered. this is a
> surprise to me, as i supposed that the payload cannot work without using
> these 2 functions. clearly i missed something there!
>
> could anybody please tell me why this happens?
>
> thanks a lot,
> Jun

-- Jose Selvi. Security Technical Consultant CISA, CISSP, CNAP, GCIH, GPEN http://www.pentester.es SANS Mentor in Madrid (Spain). September 23 - November 25 SEC560: Network Penetration Testing and Ethical Hacking http://www.sans.org/mentor/details.php?nid=24133 http://www.pentester.es/2010/12/nuevo-grupo-y-descuento-para-network.html _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework