Metasploit mailing list archives
HTTP Tunneling
From: hdm at metasploit.com (H D Moore)
Date: Sat, 28 Jun 2008 23:47:58 -0500
On Saturday 28 June 2008, Ty Miller wrote:
Stupid question, but sometimes you have to ask them ... When you say "only works if IE6 is being used" I assume that you mean that IE6 is installed, rather than the user having it actually running at the time of exploitation. I assume the user would have to have the proxy authentication saved in IE6 too, right?
Yup!
Do you know of HTTP Tunneling payloads out there that aren't reliant upon IE6?
The download_exec one uses WinInet, which might work, not sure.
Current thread:
- HTTP Tunneling Ty Miller (Jun 28)
- HTTP Tunneling H D Moore (Jun 28)
- HTTP Tunneling Ty Miller (Jun 28)
- HTTP Tunneling H D Moore (Jun 28)
- HTTP Tunneling Ty Miller (Jun 28)
- HTTP Tunneling H D Moore (Jun 28)
- HTTP Tunneling Ty Miller (Jun 28)
- HTTP Tunneling Ty Miller (Jun 28)
- HTTP Tunneling H D Moore (Jun 28)