metasploit-framework

https://github.com/rapid7/metasploit-framework

Ruby

Metasploit Framework

MetasploitModule#build_trigger

Feng Shui and triggering Steps:
1. Run the garbage collector before allocations
2. Defragment the heap and allocate CImplAry objects in one step (object sizes are IE-version dependent)
3. Make holes
4. Let windows media play the crafted midi file and corrupt the heap
5. Force the use of the confused tagVARIANT.


Edit

git clone git@github.com:rapid7/metasploit-framework.git

cd metasploit-framework

open modules/exploits/windows/browser/ms12_004_midi.rb

Contribute

# Make a new branch

git checkout -b -your-name--update-docs-MetasploitModule-build_trigger-for-pr


# Commit to git

git add modules/exploits/windows/browser/ms12_004_midi.rb

git commit -m "better docs for MetasploitModule#build_trigger"


# Open pull request

gem install hub # on a mac you can `brew install hub`

hub fork

git push <your name> -your-name--update-docs-MetasploitModule-build_trigger-for-pr

hub pull-request


# Celebrate!