Variable-length Fnstenv/mov Dword XOR Encoder - Metasploit
This page contains detailed information about how to use the encoder/x86/fnstenv_mov metasploit module. For list of all metasploit modules, visit the Metasploit Module Library.
Module Overview
Name: Variable-length Fnstenv/mov Dword XOR Encoder
Module: encoder/x86/fnstenv_mov
Source code: modules/encoders/x86/fnstenv_mov.rb
Disclosure date: -
Last modification time: 2017-07-24 06:26:21 +0000
Supported architecture(s): x86
Supported platform(s): All
Target service / protocol: -
Target network port(s): -
List of CVEs: -
This encoder uses a variable-length mov equivalent instruction with fnstenv for getip.
Module Ranking and Traits
Module Ranking:
- normal: The exploit is otherwise reliable, but depends on a specific version and can't (or doesn't) reliably autodetect. More information about ranking can be found here.
Basic Usage
msf > use encoder/x86/fnstenv_mov
msf encoder(fnstenv_mov) > show targets
... a list of targets ...
msf encoder(fnstenv_mov) > set TARGET target-id
msf encoder(fnstenv_mov) > show options
... show and set options ...
msf encoder(fnstenv_mov) > exploit
Go back to menu.
Msfconsole Usage
Here is how the encoder/x86/fnstenv_mov module looks in the msfconsole:
msf6 > use encoder/x86/fnstenv_mov
msf6 encoder(x86/fnstenv_mov) > show info
Name: Variable-length Fnstenv/mov Dword XOR Encoder
Module: encoder/x86/fnstenv_mov
Platform: All
Arch: x86
Rank: Normal
Provided by:
spoonm <spoonm@no$email.com>
Description:
This encoder uses a variable-length mov equivalent instruction with
fnstenv for getip.
Module Options
This is a complete list of options available in the encoder/x86/fnstenv_mov module:
msf6 encoder(x86/fnstenv_mov) > show options
Module options (encoder/x86/fnstenv_mov):
Name Current Setting Required Description
---- --------------- -------- -----------
Advanced Options
Here is a complete list of advanced options supported by the encoder/x86/fnstenv_mov module:
msf6 encoder(x86/fnstenv_mov) > show advanced
Module advanced options (encoder/x86/fnstenv_mov):
Name Current Setting Required Description
---- --------------- -------- -----------
VERBOSE false no Enable detailed status messages
WORKSPACE no Specify the workspace for this module
Go back to menu.
Related Pull Requests
- #8716 Merged Pull Request: Print_Status -> Print_Good (And OCD bits 'n bobs)
- #8338 Merged Pull Request: Fix msf/core and self.class msftidy warnings
- #6655 Merged Pull Request: use MetasploitModule as a class name
- #6648 Merged Pull Request: Change metasploit class names
- #4393 Merged Pull Request: Missing patch for Stage Encoding
- #2525 Merged Pull Request: Change module boilerplate
- #1241 Merged Pull Request: Removed all $Id$ and $Revision$ occurences
Go back to menu.
See Also
Check also the following modules related to this module:
- encoder/x86/add_sub
- encoder/x86/alpha_mixed
- encoder/x86/alpha_upper
- encoder/x86/avoid_underscore_tolower
- encoder/x86/avoid_utf8_tolower
- encoder/x86/bloxor
- encoder/x86/bmp_polyglot
- encoder/x86/call4_dword_xor
- encoder/x86/context_cpuid
- encoder/x86/context_stat
- encoder/x86/context_time
- encoder/x86/countdown
- encoder/x86/jmp_call_additive
- encoder/x86/nonalpha
- encoder/x86/nonupper
- encoder/x86/opt_sub
- encoder/x86/service
- encoder/x86/shikata_ga_nai
- encoder/x86/single_static_bit
- encoder/x86/unicode_mixed
- encoder/x86/unicode_upper
- encoder/x86/xor_dynamic
Authors
spoonm
Version
This page has been produced using Metasploit Framework version 6.1.24-dev. For more modules, visit the Metasploit Module Library.
Go back to menu.