Metasploit mailing list archives
Metasploit vs ANI
From: hdm at metasploit.com (H D Moore)
Date: Mon, 2 Apr 2007 08:03:02 -0500
That response is the HTML, it references the real ANI files in the obfuscated style sheet data (look for the line ending in XXX=[1-6]. If you request /$prefix/anything.wav?targ=1 (replaced $prefix with whatever URIPATH is set to), it should serve up a valid ANI file exploit. -HD On Monday 02 April 2007 03:58, Nicolas RUFF wrote:
I cannot even see the "anih" header. The page might be GZIP'ed even if default options are set to turn off all evasion techniques. What do you think ?
Current thread:
- Metasploit vs ANI H D Moore (Apr 02)
- Metasploit vs ANI Nicolas RUFF (Apr 02)
- Metasploit vs ANI Saad Kadhi (Apr 02)
- Metasploit vs ANI H D Moore (Apr 02)
- Metasploit vs ANI Nicolas RUFF (Apr 02)
- Metasploit vs ANI mmiller at hick.org (Apr 02)
- Metasploit vs ANI H D Moore (Apr 02)
- Metasploit vs ANI Giorgio Casali (Apr 03)
- Metasploit vs ANI Thomas Werth (Apr 03)
- Metasploit vs ANI mmiller at hick.org (Apr 03)
- Metasploit vs ANI Thomas Werth (Apr 03)
- Metasploit vs ANI mmiller at hick.org (Apr 03)
- Metasploit vs ANI Thomas Werth (Apr 03)
- Metasploit vs ANI mmiller at hick.org (Apr 04)
- Metasploit vs ANI Nicolas RUFF (Apr 02)