+ Reply to Thread
Results 1 to 1 of 1

Thread: A note on Metasploit's EXITFUNC Share/Save - My123World.Com!

  1. 12-13-2011, 08:02 PM #1
    aditya
    aditya is offline
    Garage Newcomer aditya is on a distinguished road
    Join Date
    Dec 2011
    Location
    Pune
    Posts
    7
    Thanks
    2
    Thanked 1 Time in 1 Post

    Post A note on Metasploit's EXITFUNC



    Hi, Today I learnt about the EXITFUNC option from the Metasploit's exploit options.
    I would like to share it here

    EXITFUNC option is set to 'thread' by default, and it works fine in most cases, so we don't usually look into it much. But in some situations specifying a different EXITFUNC is necessary so that you can have a clean exit from the exploited box.

    There are 3 different values for EXITFUNC : thread, process, seh

    thread: This method is used in most exploitation scenarios where the exploited process (e.g. IE) runs the shellcode in a sub-thread and exiting this thread results in a working application/system (clean exit)

    process: This method should be used with multi/handler. This method should also be used with any exploit where a master process restarts it on exit.

    seh: This method should be used when there is a structured exception handler (SEH) that will restart the thread or process automatically when an error occurs.
    Reply With Quote Reply With Quote

  2. The Following User Says Thank You to aditya For This Useful Post:

    RingZzer0 (12-13-2011)
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

Forum Rules