The MSF egghunter mixin is a wonderful module which can be of great use in exploit development. If you’re not familiar with the concepts of egghunters, read this first.
A vulnerability in the Audacity Audio Editor presents us with an opportunity to examine this mixin in greater depth. In the next module, we will exploit Audacity and create a Metasploit file format exploit module for it. We will not focus on the exploitation method itself or the theory behind it – but dive right into the practical usage of the Egghunter mixin.
Please note, the following example uses Microsoft's Windows XP SP2 as its target. If you wish to reproduce the following you'll need to set up your own VM. If SP2 is not available to you, SP3 can be used, but make sure to disable DEP by adding the following switch to the boot entry in C:\boot.ini: /noexecute=AlwaysOff
Setting up our Egg-hunt
Download and install the vulnerable Audacity software on your XP SP2 box: