Re: java_signed_applet question

[Nathan Keltner <natron () invisibledenizen org>]

On 03/25/2010 03:06 PM, Jeffs wrote:
> Hi Natron and thanks for you assistance.  I don't want to use the 
> meterpereter payload because it is detected very easily even with 
> encoding. 
We need to get this fixed. I'll open a ticket if I can't add some 
options later today that'll help.
> The generic/ reverse_tcp payload for this exploit does not get 
> detected and works very quickly.  Are there any methods you know of to 
> automate the subsequent steps once a connection has been established:
There's not currently a way to automate anything exposed via an option. 
If you feel like doing some coding, open the java_signed_applet.rb file 
and find the big java section. In there, you'll see a line that opens 
the cmd shell (something like .run("cmd.exe /c") or similar). Make 
multiple copies of that line and use it to execute commands.
> 1) interact with session
> 2) change to victim's home directory
> 3) tftp upload binary
> 4) execute that binary
>
> I can't get a ruby script to do this because it is a generic/reverse_tcp.
>
> I was thinking something along the lines of macros but dunno...
>
> Any help much appreciated.
N
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework