Metasploit mailing list archives
Windows Shellcode on Unix
From: tyronmiller at gmail.com (Ty Miller)
Date: Fri, 18 Jul 2008 10:24:31 +1000
Hi,

Do you know which exploit you want to use?

To get a decent list of exploits related to XP, open the Metasploit Web Interface and click on "Exploits". If you then search for *Windows XP* you will get a list of exploits that relate to Windows and contain "xp" ... just note that "xp" will match words like "eXPloit" and "eXPlorer", so some of the exploits won't be relevant to XP.

Click the exploit you want, and follow the instructions.

Most of the exploits for XP will be client-side exploits (e.g., for Internet Explorer) so you may need to combine the attack with a Phishing attack or DNS Cache Poisoning or something to get the victim to download your exploit.

Hope that helps, else check out the "User Guide" that comes with Metasploit.

Cheers,
Ty

On Thu, Jul 17, 2008 at 7:27 PM, Sri Kanth <Sri_Kanth at jabil.com> wrote:
How can I use an exploit to a Windows XP machine?

------------------------------
From: framework-bounces at spool.metasploit.com [mailto: framework-bounces at spool.metasploit.com] On Behalf Of Ty Miller
Sent: Thursday, July 17, 2008 4:40 PM
To: Patrick Webster; hdm at metasploit.com
Cc: framework at spool.metasploit.com
Subject: Re: [framework] Windows Shellcode on Unix

Hi Guys,

Thanks heaps for the responses.

HD, you were right on the money mate ... I am buying you a double bourbon and coke at Blackhat this year mate ... even if Microsoft does have to pay for it! ;o)

I changed my compilation commands to the following, as suggested by HD:

$ nasm -f bin -o shellcode.bin shellcode.asm
$ xxd -i shellcode.bin

I also had to add the line "BITS 32" into my asm code since nasm seemed to default to a 16 bit architecture. Once I did this, it worked like a gem.

Thanks again for your help and the quick responses.

Cheers,
Ty

On Thu, Jul 17, 2008 at 4:32 PM, Patrick Webster <patrick at aushack.com> wrote:

No idea how cygwin does its magic, but could it be that your shellcode is using a system call that is different under Cygwin -> Linux.

I suppose the easiest way would be to use nasm under both environments and see if the shellcode result is different :)

-Patrick
Current thread:
- Windows Shellcode on Unix Ty Miller (Jul 16)
- Windows Shellcode on Unix H D Moore (Jul 16)
- Windows Shellcode on Unix Patrick Webster (Jul 16)
- Windows Shellcode on Unix Ty Miller (Jul 17)
- Message not available
- Windows Shellcode on Unix Ty Miller (Jul 17)
- Windows Shellcode on Unix Patrick Webster (Jul 16)
- Windows Shellcode on Unix H D Moore (Jul 16)