Metasploit mailing list archives

HTTP Tunneling


From: tyronmiller at gmail.com (Ty Miller)
Date: Sun, 29 Jun 2008 14:23:30 +1000

Hey HD,

Thanks for the quick response mate.

Stupid question, but sometimes you have to ask them ... When you say "only
works if IE6 is being used" I assume that you mean that IE6 is installed,
rather than the user having it actually running at the time of exploitation.
I assume the user would have to have the proxy authentication saved in IE6
too, right?

Do you know of HTTP Tunneling payloads out there that aren't reliant upon
IE6?

Thanks,
Ty


On Sun, Jun 29, 2008 at 1:41 PM, H D Moore <hdm at metasploit.com> wrote:

The HTTP Tunneling shellcode makes use of the Internet Explorer
configuration, authenticated proxies and all, if the code runs under a
user account with those settings. There are two major drawbacks to using
these payloads though:

1. The payloads only work if IE6 is being used and are incompatible with
IE 7.

2. If the exploited process is a system service, more than likely it won't
pick up the user's settings. I haven't tested this, but it seems likely.

-HD

On Saturday 28 June 2008, Ty Miller wrote:
I assume that the HTTP Tunneling Shellcode within Metasploit doesn't
work with authenticated proxies.

