I'm trying to rebuild the vlc_realtext exploit myself; I have already understood the vulnerability well. The problem is I can't find the proper way to inject my own shellcode.
This is the .rt file that triggers the vulnerability:
With 84 As we can overwrite the EDI register.
<window height="250" width="300" duration="15" bgcolor="yellow">
Mary had a little lamb,
<br/><time begin="6"/>little lamb,
<br/><time begin="9"/>Mary had a little lamb
<br/><time begin="12"/>whose fleece was white as snow.
But I did not understand how the shellcode is going to be injected; I mean, how the Metasploit module that I linked above injects the shellcode.
I saw it under the debugger, but it was not clear to me.
It would be nice if someone could give me a tip on this.