Metasploit mailing list archives
Re: java_signed_applet question
From: Nathan Keltner <natron () invisibledenizen org>
Date: Mon, 29 Mar 2010 07:52:15 -0500
On 03/25/2010 03:06 PM, Jeffs wrote:
> Hi Natron and thanks for your assistance. I don't want to use the meterpreter payload because it is detected very easily even with encoding.

We need to get this fixed. I'll open a ticket if I can't add some options later today that'll help.

> The generic/reverse_tcp payload for this exploit does not get detected and works very quickly. Are there any methods you know of to automate the subsequent steps once a connection has been established:

There's not currently a way to automate anything exposed via an option. If you feel like doing some coding, open the java_signed_applet.rb file and find the big java section. In there, you'll see a line that opens the cmd shell (something like .run("cmd.exe /c") or similar). Make multiple copies of that line and use it to execute commands.

> 1) interact with session
> 2) change to victim's home directory
> 3) tftp upload binary
> 4) execute that binary
>
> I can't get a ruby script to do this because it is a generic/reverse_tcp. I was thinking something along the lines of macros but dunno... Any help much appreciated.
N
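
A defender's view of the behaviour discussed in this message, as an added example that is not part of the original post or of Metasploit's code: a Python check over constructed process-creation records that flags a command shell started by a Java runtime and anything run beneath it, tftp included. The record fields, the rule names and the list of Java host image names are assumptions.

```python
import ntpath

# Assumptions: image names an applet's Java runtime may run under, and rule names.
JAVA_HOSTS = {"java.exe", "javaw.exe", "jp2launcher.exe"}
SHELLS = {"cmd.exe"}
TRANSFER_TOOLS = {"tftp.exe"}

# Constructed sample process-creation records (not real telemetry).
SAMPLE_EVENTS = [
    {"pid": 100, "ppid": 4, "image": r"C:\Program Files\Internet Explorer\iexplore.exe"},
    {"pid": 200, "ppid": 100, "image": r"C:\Program Files\Java\jre6\bin\java.exe"},
    {"pid": 300, "ppid": 200, "image": r"C:\Windows\System32\cmd.exe"},
    {"pid": 310, "ppid": 300, "image": r"C:\Windows\System32\tftp.exe"},
    {"pid": 320, "ppid": 300, "image": r"C:\Users\alice\tool.exe"},
    {"pid": 400, "ppid": 4, "image": r"C:\Windows\System32\cmd.exe"},  # unrelated shell
]

def base(image):
    """Lower-cased file name of a Windows path, independent of the host OS."""
    return ntpath.basename(image).lower()

def java_shell_ancestor(event, by_pid):
    """Pid of the nearest shell at or above `event` whose parent is a Java host."""
    seen = set()
    cur = event
    while cur is not None and cur["pid"] not in seen:  # guard against pid loops
        seen.add(cur["pid"])
        parent = by_pid.get(cur["ppid"])  # None when the parent was not logged
        if parent and base(cur["image"]) in SHELLS and base(parent["image"]) in JAVA_HOSTS:
            return cur["pid"]
        cur = parent
    return None

def detect(events):
    """Return (pid, rule) for each process at or below a Java-spawned shell."""
    by_pid = {e["pid"]: e for e in events}
    findings = []
    for e in events:
        shell_pid = java_shell_ancestor(e, by_pid)
        if shell_pid is None:
            continue
        if e["pid"] == shell_pid:
            rule = "java_spawned_shell"
        elif base(e["image"]) in TRANSFER_TOOLS:
            rule = "tftp_under_java_shell"
        else:
            rule = "process_under_java_shell"
        findings.append((e["pid"], rule))
    return findings
```

The shell started outside the Java process tree (pid 400) is not reported, which keeps ordinary cmd.exe use out of the findings.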