Metasploit mailing list archives

server/browser_autopwn module explaination

From: m.iodice at gmail.com (Mirko Iodice)
Date: Sun, 10 Aug 2008 23:49:38 +0200

I noticed only a couple of days ago the existence of browser_autopwn
aux module, It reminds me things like Mpack or Icepack.
I was wondering if it's possible to have more info on how to use it.
Everytime I tried, no matter which port has been set as SRVPORT
option, the module fail with the following error: "The address is
already in use"

msf auxiliary(browser_autopwn) > exploit
[*] Starting exploit modules on host 192.168.0.5...
[*] Started reverse handler
[*] Using URL: http://0.0.0.0:9090/exploit/multi/browser/mozilla_compareto
[*]  Local IP: http://192.168.0.5:9090/exploit/multi/browser/mozilla_compareto
[*] Server started.
[*] Started reverse handler
[*] Using URL: http://0.0.0.0:9090/exploit/multi/browser/mozilla_navigatorjava
[*]  Local IP: http://192.168.0.5:9090/exploit/multi/browser/mozilla_navigatorjava
[*] Server started.
[*] Started reverse handler
[*] Using URL: http://0.0.0.0:9090/exploit/multi/browser/firefox_queryinterface
[*]  Local IP: http://192.168.0.5:9090/exploit/multi/browser/firefox_queryinterface
[*] Server started.
[*] Started reverse handler
[*] Using URL: http://0.0.0.0:9090/exploit/windows/browser/apple_quicktime_rtsp
[*]  Local IP: http://192.168.0.5:9090/exploit/windows/browser/apple_quicktime_rtsp
[*] Server started.
[*] Started reverse handler
[*] Using URL: http://0.0.0.0:9090/exploit/windows/browser/novelliprint_getdriversettings
[*]  Local IP: http://192.168.0.5:9090/exploit/windows/browser/novelliprint_getdriversettings
[*] Server started.
[*] Started reverse handler
[*] Using URL: http://0.0.0.0:9090/exploit/windows/browser/ms03_020_ie_objecttype
[*]  Local IP: http://192.168.0.5:9090/exploit/windows/browser/ms03_020_ie_objecttype
[*] Server started.
[*] Started reverse handler
[*] Using URL: http://0.0.0.0:9090/exploit/windows/browser/ie_createobject
[*]  Local IP: http://192.168.0.5:9090/exploit/windows/browser/ie_createobject
[*] Server started.
[*] Started reverse handler
[*] Using URL: http://0.0.0.0:9090/exploit/windows/browser/ms06_067_keyframe
[*]  Local IP: http://192.168.0.5:9090/exploit/windows/browser/ms06_067_keyframe
[*] Server started.
[*] Started reverse handler
[*] Using URL: http://0.0.0.0:9090/exploit/windows/browser/ms06_071_xml_core
[*]  Local IP: http://192.168.0.5:9090/exploit/windows/browser/ms06_071_xml_core
[*] Server started.
[*] Started reverse handler
[*] Server started.
[*] Started reverse handler
[*] Server started.
[-] Auxiliary failed: The address is already in use (192.168.0.5:9090).
[*] Auxiliary module running as background job

After getting this error I tried to launch the "exploit" command again
and, even if the console logs a bounch of "address already in use"
errors, it seems to start succesfully. Making the victim to connect to
the given URI will always show the following message in the
msfconsole: "I don't know how to handle that request #{request.uri},
sending 404"

I'm confused.
Thank you.

Current thread:

server/browser_autopwn module explaination Mirko Iodice (Aug 10)
- server/browser_autopwn module explaination Patrick Webster (Aug 10)
  - server/browser_autopwn module explaination H D Moore (Aug 10)