Metasploit mailing list archives
Http-Tunnel Question
From: hdm at metasploit.com (H D Moore)
Date: Fri, 21 Apr 2006 08:40:00 -0500
Matt Miller wrote a payload staging system that abuses Internet Explorer and ActiveX controls to connect back via HTTP. $ msfpayload 2>&1| grep passivex win32_passivex win32_passivex_meterpreter win32_passivex_stg win32_passivex_vncinject http://www.uninformed.org/?v=1&a=3&t= -HD On Friday 21 April 2006 00:54, Thomas Werth wrote:
Now my question : Would it be easy to create a http-tunnel payload , so an attack can be connect back through firewall to outside and infiltrate a firm intranet ? Maybe with an auto-proxy setting from i.e. or similar ? Or is size for this payload to big to fit into an overflow , so only really spezialied hackers are able to create such hacks ? Target of my question is : May this vuln be exploited ( in future ) by a worm or more likley only a vision for a good hacker with high motivation ? Would it be possible to add such a payload into metasploit ?
Current thread:
- Http-Tunnel Question Thomas Werth (Apr 20)
- Http-Tunnel Question Jerome Athias (Apr 21)
- Http-Tunnel Questions the unknown unknown (Apr 21)
- Http-Tunnel Question H D Moore (Apr 21)
- Http-Tunnel Question Chris Byrd (Apr 21)
- Http-Tunnel Question Jason Haar (Apr 22)
- Http-Tunnel Question Thomas Werth (Apr 23)
- Http-Tunnel Question Jerome Athias (Apr 21)