Metasploit mailing list archives
Re: News from Metasploit 4.
From: Richard Miles <richard.k.miles () googlemail com>
Date: Sat, 27 Aug 2011 13:36:11 -0500
Hi Carlos I know you are the creator of this resources and I have tested multi_console_command script and now the module post/multi/gather/run_console_rc_file, but they never worked to me. Maybe I'm doing something wrong. I tried call both of them before and after call "use exploit/multi/handler", and when I get the connection back from meterpreter nothing happens, the commands are never executed, or at least the output is never displayed on the screen. I'm feeling very foul. There is a chance for you show a step by step how do you make it? I tested both now again with metasploit 4. Thanks. On Fri, Aug 26, 2011 at 4:12 PM, Carlos Perez <dark0perator () pauldotcom com> wrote:
AutoRunScript is for Meterpreter Scrips/Post Modules, what you are showing would be considered a resource file, look at the multi_console_command script or the post module post/multi/gather/run_console_rc_file to achieve what you want and use that resource file as an option. On Aug 26, 2011, at 4:10 PM, Richard Miles wrote:Hi Egypt, It's awesome, thanks for information. Also, do you have a working version for 64 bits? Any follow-up on the other 2 questions on the e-mail? Thanks On Fri, Aug 26, 2011 at 9:20 AM, <egypt () metasploit com> wrote:Yes, reverse_http(s) both use the WinInet API, and as such, use IE's proxy configuration, including credentials. egypt On Fri, Aug 26, 2011 at 2:28 AM, Richard Miles <richard.k.miles () googlemail com> wrote:Hey Patrick, Awesome, with the new reverse_http or reverse_https? Metasploit 4? Thanks On Thu, Aug 25, 2011 at 7:37 PM, Patrick Webster <patrick () aushack com> wrote:Hey Richard, I cannot guarantee 100%, but re: point #1, I have successfully used the stager to get around proxies with auth about 2 months ago. -Patrick On Fri, Aug 26, 2011 at 8:42 AM, Richard Miles <richard.k.miles () googlemail com> wrote:Hi I friend of mine was talking about some great improvements at Metasploit 4, I checked the blog and it talks very briefly about it, what more called my attention is that reverse_http and reverse_https was updated and meterpreter scripts / resources too. I have 3 questions... 1 - The new reverse_http and reverse_https now are as good as passiveX was? I mean, we can use it completely over http or https (even the stager) and the payload is smart enough to get proxy IP and port from browser and re-use the same credential (in case that proxy require auth)?_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- News from Metasploit 4. Richard Miles (Aug 25)
- Re: News from Metasploit 4. Patrick Webster (Aug 25)
- Re: News from Metasploit 4. Richard Miles (Aug 26)
- Re: News from Metasploit 4. egypt (Aug 26)
- Re: News from Metasploit 4. Richard Miles (Aug 26)
- Message not available
- Re: News from Metasploit 4. Richard Miles (Aug 27)
- Message not available
- Re: News from Metasploit 4. Richard Miles (Aug 27)
- Re: News from Metasploit 4. Richard Miles (Aug 26)
- Re: News from Metasploit 4. Patrick Webster (Aug 25)
- Re: News from Metasploit 4. Richard Miles (Aug 26)
- Message not available
- Re: News from Metasploit 4. Richard Miles (Aug 27)
- Re: News from Metasploit 4. Richard Miles (Aug 27)
- Re: News from Metasploit 4. Carlos Perez (Aug 27)
- Re: News from Metasploit 4. Richard Miles (Aug 27)