I've used the plugin you sugested and it worked like a charm!
I've tested the exploit with the windows/exec payload and booom, calculator!

Steps to a calculator =) :
1- Insert attack string...

ok, I've created the binary file with a python script and checked it with an hex editor, everything was as I expected it to be, but when I ran the command the program crashed...
Can I use this...

Yes, that's correct.
I could not redirect the output of that command to a file so I built a program(just gets input without any filters) in order to analise the memory after input. In fact, the...

lupin, the jump backwards assembly code worked! I hardcoded it into immunity dbg though, since I think my string input method is a piece of...

This is the code I'm using to send the string:

...

Thank you for the replies!
I've also found the offensive security's webcast very didactic, pretty good resource. Thank you lupin for the links provided, I'll study that and post the results of my...

You can use msfpescan -p [TARGET], the program will search for POP POP RETs for you and show the addresses in the screen. =)

Thanks for the help F1gureF0ur!
I've made this script in order to generate the string and redirected its output to a file:


import sys

sys.stdout.write("\"")
i = 1
while i < 255:...

Hello,
I'm pretty new to developing exploits and I'm trying the awbo exercises, which can be found at snort.org/vrt/tools/awbo.html ... I've successfully triggered the vulnerability (on the first...