• Close
  • Back to search

    Avoid underscore/tolower

    Underscore/tolower Safe Encoder used to exploit CVE-2012-2329. It is a modified version of the 'Avoid UTF8/tolower' encoder by skape. Please check the documentation of the skape encoder before using it. As the original, this encoder expects ECX pointing to the start of the encoded payload. Also BufferOffset must be provided if needed. The changes introduced are (1) avoid the use of the 0x5f byte (underscore) in because it is a badchar in the CVE-2012-2329 case and (2) optimize the transformation block, having into account more relaxed conditions about bad characters greater than 0x80.

    Free Metasploit Download

    Get your copy of the world's leading penetration testing tool

     Download Now

    Module Name

    encoder/x86/avoid_underscore_tolower

    Authors

    • skape <mmiller [at] hick.org>
    • juan vazquez <juan.vazquez [at] metasploit.com>

    Platforms

    • platform

    Architectures

    • x86

    Reliability

    Development

    Module Options

    To display the available options, load the module within the Metasploit console and run the commands 'show options' or 'show advanced':

    msf > use encoder/x86/avoid_underscore_tolower msf encoder(avoid_underscore_tolower) > show options ...show and set options... msf encoder(avoid_underscore_tolower) > run