Thread: [Help]Rebuilding vlc_realtext exploit

  1. #1
    Just burned their ISO
    Join Date
    Oct 2012

    Question [Help]Rebuilding vlc_realtext exploit

    Hi everyone

    I'm trying to rebuild the vlc_realtext exploit myself; I have already understood the vulnerability well. The problem is I can't find the proper way to inject my own shellcode.
    This is the .rt file that triggers the vulnerability:
    <window height="250" width="300" duration="15" bgcolor="yellow">
    Mary had a little lamb,
    <br/><time begin="6"/>little lamb,
    <br/><time begin="9"/>Mary had a little lamb
    <br/><time begin="12"/>whose fleece was white as snow.
    With 84 As we can overwrite the EDI register,
    but I did not understand how the shellcode is going to be injected, I mean how the Metasploit module that I linked above injects the shellcode.
    I saw it under a debugger but it was not clear to me.
    It would be nice to give me a tip on this.

  2. #2
    Just burned their ISO
    Join Date
    Jan 2010

    Default Re: [Help]Rebuilding vlc_realtext exploit

    The structure of the exploit is as follows:
    [72 bytes of junk][address of jmp esp cmd][short jump (6 bytes) over writable address][2 byte pad][writable address in memory][nops][shellcode]
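From the defensive side, the thing worth taking away from this thread is the defect class that makes such a layout possible at all: an attribute value from an untrusted .rt file copied into a fixed-size buffer with no length check. The C below is an added example written for this thread; it is not code from VLC, from the Metasploit module, or from either poster. It parses the `<window ...>` tag shown above with an explicit bound (the limit `RT_ATTR_MAX`, the `rt_` function names and the sample tags are all assumptions made here), refuses values that do not fit instead of overrunning, and offers a small scanner that reports the longest attribute value in a tag so over-long inputs can be rejected before they reach the parser.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical limit for one attribute value. VLC's real buffer sizes are not
 * stated in the thread, so this number is an assumption for the example. */
#define RT_ATTR_MAX 64

/* Constructed sample: the benign <window> tag quoted in the first post. */
static const char BENIGN_TAG[] =
    "<window height=\"250\" width=\"300\" duration=\"15\" bgcolor=\"yellow\">";

/* Constructed sample: a <window> tag whose width value is 84 bytes of 'A'
 * (84 is the length the first post reports as reaching EDI). */
const char *rt_sample_long_width_tag(void)
{
    static char buf[160];
    size_t n = (size_t)snprintf(buf, sizeof buf, "<window height=\"250\" width=\"");
    memset(buf + n, 'A', 84);
    n += 84;
    snprintf(buf + n, sizeof buf - n, "\" duration=\"15\">");
    return buf;
}

/* Locate name="value" inside a tag. Returns a pointer to the first byte of the
 * value and stores its length (without the quotes) in *len; NULL if the
 * attribute is absent or its closing quote is missing. Copies nothing. */
static const char *rt_find_attr(const char *tag, const char *name, size_t *len)
{
    size_t nlen = strlen(name);
    for (const char *p = tag; (p = strstr(p, name)) != NULL; p += nlen) {
        /* whole attribute name only: preceded by whitespace, followed by =" */
        if (p > tag && !isspace((unsigned char)p[-1])) continue;
        if (p[nlen] != '=' || p[nlen + 1] != '"') continue;
        const char *start = p + nlen + 2;
        const char *end = strchr(start, '"');
        if (end == NULL) return NULL;
        *len = (size_t)(end - start);
        return start;
    }
    return NULL;
}

/* Hardened copy: refuses any value that does not fit in `out`, rather than
 * truncating silently or overrunning. The defect the thread is built on is a
 * copy with no such check (strcpy()/sprintf() straight into a fixed buffer). */
bool rt_copy_attr(const char *tag, const char *name, char *out, size_t outsz)
{
    size_t len;
    const char *val = rt_find_attr(tag, name, &len);
    if (val == NULL || len + 1 > outsz) return false;
    memcpy(out, val, len);
    out[len] = '\0';
    return true;
}

/* Convenience wrapper: does the width attribute fit a RT_ATTR_MAX buffer? */
bool rt_width_fits(const char *tag)
{
    char out[RT_ATTR_MAX];
    return rt_copy_attr(tag, "width", out, sizeof out);
}

/* Input scanner: walk every name="value" pair in a tag and return the length
 * of the longest value. A file scanner or the parser's caller can reject the
 * file when this reaches RT_ATTR_MAX. */
size_t rt_longest_attr_value(const char *tag)
{
    size_t longest = 0;
    const char *p = tag;
    while ((p = strstr(p, "=\"")) != NULL) {
        const char *start = p + 2;
        const char *end = strchr(start, '"');
        if (end == NULL) break;
        size_t len = (size_t)(end - start);
        if (len > longest) longest = len;
        p = end + 1;
    }
    return longest;
}

bool rt_window_tag_is_sane(const char *tag)
{
    return rt_longest_attr_value(tag) < RT_ATTR_MAX;
}

int main(void)
{
    printf("benign tag: longest value %zu, width fits: %d\n",
           rt_longest_attr_value(BENIGN_TAG), rt_width_fits(BENIGN_TAG));
    const char *bad = rt_sample_long_width_tag();
    printf("84-byte width: longest value %zu, width fits: %d, sane: %d\n",
           rt_longest_attr_value(bad), rt_width_fits(bad), rt_window_tag_is_sane(bad));
    return 0;
}
```

The point of keeping `rt_copy_attr` and `rt_longest_attr_value` separate is that the first is what the parser itself must do (every copy out of untrusted input is bounded and a misfit is an error, not a truncation), while the second is the cheap pre-check a fuzzer harness or a file-type scanner can run over subtitle files to flag exactly the kind of input this thread describes.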
