Metasploit mailing list archives
Example of an exploit module writing to a file
From: mmiller at hick.org (mmiller at hick.org)
Date: Tue, 20 Nov 2007 10:39:03 -0800
On Tue, Nov 20, 2007 at 10:08:05AM -0600, ri0t wrote:
Can anyone point me to a current exploit module that creates a malicious file for exploitation? i can use ruby's File.new but i did not know if there was a REX method to do this that was built into the framework
At the moment I'm not aware of any exploits that write their contents to an output file. The majority of file-based exploits (such as ANI, WMF, etc) all create a hosted web server that waits for incoming connections. It would probably be worth creating a mixin to allow more uniform handling of file-based exploits that would support writing the contents of the file to disk. Part of the problem is that, at present, Metasploit assumes that it needs to wait for a session to be established after exploitation (depending on the payload). It sounds like we'd need to provide a way to tell the framework that a particular target will not be creating a session, regardless of whether or not the payload indicates that it will. HD, am I missing any exploits that do this? I thought we had some but I wasn't able to dig any up.
Current thread:
- Example of an exploit module writing to a file ri0t (Nov 20)
- Example of an exploit module writing to a file mmiller at hick.org (Nov 20)
- Example of an exploit module writing to a file Jerome Athias (Nov 20)