[framework] unable to reproduce WMF exploit

H D Moore hdm at metasploit.com
Thu Jan 12 06:46:16 PST 2006


The call to CreateProcess() inside the win32_exec payload hides the window 
by default. The simple way to avoid this is to set CMD to the string:
"cmd.exe /c start <cmd name>"

-HD

On Thursday 12 January 2006 02:03, Michael Wood wrote:
> Is there anything special that needs to be done to get the
> win32_exec payload to actually display the process it is
> running? :)



More information about the framework mailing list