Review of pull request #559

[jvazquez-r7]

This pull request includes a reviewed version of pull request #559. But it isn't still ready:

• Poison Ivy doesn't run with DEP enabled. Seems due to unpacking. Unpacked PI runs well on DEP.
• If unpacked IP is run, meterpreter payload doesn't work (tested successfully with windows/exec)

[badishi]

Maybe integrate the last check I sent with this one? Now that we have the option to send random bytes, the new check I sent instructs the user what to do.

[jvazquez-r7]

About the check:

            if response[0, 16] == sig
                print_status("Password appears to be \"admin\".")

This says the password appears to be admin in cases when I've changed it. Because of this Im not very confident with this check :\ Does it work always for you?

[badishi]

Yep. It should, as the password is the encryption key, and the sig is the encryption of the zeros that we send. What's the pass that gave you a false positive?

[jvazquez-r7]

badishi, you're right :) Maybe I didn't reload exploit when checking :_( Sorry for annoying. Check function updated :)