Metasploit mailing list archives
Re: smb_sniffer and browser autopwn
From: egypt () metasploit com
Date: Fri, 27 Aug 2010 20:16:55 -0600
The API is pretty simple and hasn't changed much since it was created, so the best documentation at the moment is probably my Blackhat 2009 presentation. Slides here:
http://www.slideshare.net/egypt/using-guided-missiles-in-drivebys-automatic-browser-fingerprinting-and-exploitation-with-the-metasploit-frameworks-browser-autopwn

If you need examples, you can grep for autopwn_info in modules/exploits/*/browser/*

egypt

On Tue, Aug 17, 2010 at 3:42 PM, Richard Miles <richard.k.miles () googlemail com> wrote:
> Hi egypt,
>
> Yes, it helped. Maybe you guys could create a detailed document about how to add new modules to browser autopwn? I believe the community would be able to handle it and make browser autopwn up-to-date. Because you know, browser autopwn without constant updates is not very useful...
>
> Thanks again
>
> Regards
>
> On Tue, Aug 17, 2010 at 3:31 PM, <egypt () metasploit com> wrote:
>> Adding new client-sides to browser_autopwn requires a small amount of work in the new module. Unfortunately, not all new exploits will work with autopwn. An example is the LNK exploit which will only work if it is run with URIPATH=/ and LPORT=80 because of the requirements for creating a WebDAV server.
>>
>> Hope this helped,
>> egypt
>>
>> On Tue, Aug 17, 2010 at 12:32 PM, Richard Miles <richard.k.miles () googlemail com> wrote:
>>> Hi Kurt
>>>
>>> Thanks. That's kind of bad, should be awesome if the developers at Metasploit created a way to automatically load all new client side modules added to the framework to the browser autopwn.
>>>
>>> Thanks
>>>
>>> On Tue, Aug 17, 2010 at 5:04 AM, Kurt Grutzmacher <grutz () jingojango net> wrote:
>>>> On 8/16/10 9:56 PM, Richard Miles wrote:
>>>>> No one?
>>>>>
>>>>> On Sun, Aug 15, 2010 at 4:07 PM, Richard Miles <richard.k.miles () googlemail com> wrote:
>>>>>> Hi
>>>>>>
>>>>>> I was using smb_sniffer module and I see a few times a few connections like this
>>>>>>
>>>>>> New Connection from 10.1.1.3 Fir Aug 15 09:10:45 2010 10.1.1.3 1122334455667788 00 0000000000000000000000000000000000000000000000000 Windows Server 2003 R2 3790 Service Pack 2
>>>>
>>>> Hey Richard,
>>>>
>>>> I have seen this before but didn't really pay much attention to it, assuming it was Windows just doing some funky mojo as it is wont to do. You passed it a valid challenge request and it's decided to not do anything with it, returning all nulls. Usually the real auth packet arrives shortly thereafter.
>>>>
>>>> ---
>>>> grutz () jingojango net
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework