Windows Recv Tag Findsock Meterpreter payload

[vlad902 at gmail.com (vlad902)]

None of the current exploits support findsock and ws2ord together (past Tester.)

$ grep ws2ord * | grep findsock
Tester.pm:                      'Keys' => [ '+findsock', '+ws2ord' ],
$ 

Some may in actuality but due to the fact that the first findsock
payload for win32 was added in 2.3 some exploits may not be updated to
reflect the fact that they can be used along with findsock (or may
need tweaks to do so).


On 4/28/05, Chris Byrd <cbyrd01 at yahoo.com> wrote:
> I just went through all of the win32/x86 exploits,
> none would allow the selection of
> win32_findrecv_ord_meterpreter.  Perhaps the payload
> is broken, or for academic purposes only?
>
> - Chris
>
> --- vlad902 <vlad902 at gmail.com> wrote:
> > On 4/28/05, Chris Byrd <cbyrd01 at yahoo.com> wrote:
> > > In the documentation for Meterpreter, a payload is
> > > mentioned, win32_findrecv_ord_meterpreter, that
> > has
> > > the ability to use the exploit socket for
> > > communication.  This is intriguing to me, and I'd
> > like
> > > to include it in an upcoming demonstration.
> > >
> > > However, I have been unable to select
> > > win32_findrecv_ord_meterpreter as a payload. I
> > have
> > > tried with most win32 exploits.  Any advice on how
> > to
> > > use this payload would be greatly appreciated.
> > >
> > > Thanks,
> > > Chris
> > >
> > >
> > > __________________________________
> > > Do you Yahoo!?
> > > Make Yahoo! your home page
> > > http://www.yahoo.com/r/hs
> >
> > findsock payloads are only available with some
> > exploits, and ordinals
> > ones less so... If it doesn't work use another
> > payload or use another
> > exploit.
> >
> > -vlad902
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com