Metasploit mailing list archives
PassiveX-based payloads and MS06-055
From: buffer at softmedia.info (Angelo Dell'Aera)
Date: Tue, 13 Mar 2007 19:15:41 +0100
Il giorno Tue, 13 Mar 2007 18:53:17 +0100 Angelo Dell'Aera <buffer at softmedia.info> ha scritto:
These are the most significant lines in framework.log [03/13/2007 18:20:29] [d(2)] core: windows/meterpreter/reverse_http: Successfully encoded with encoder x86/shikata_ga_nai (size is 479) [03/13/2007 18:20:29] [d(2)] core: PassiveX listener started on http://192.168.33.130:8080/px [03/13/2007 18:20:41] [e(0)] rex: Failed to find handler for resource: / [03/13/2007 18:20:47] [d(2)] core: windows/meterpreter/reverse_http: Successfully encoded with encoder x86/shikata_ga_nai (size is 479) [03/13/2007 18:21:15] [e(0)] rex: Failed to find handler for resource: / After looking at this last log message I even tried setting PXURI to / and to an empty string but no results at all even in this case.
Moreover here to you a dump of the PXURI reply to the browser request (GET / HTTP/1.1) which is not shown by the browser in any case. 0x0000: 4500 0127 6cfa 4000 4006 083d c0a8 2182 E..'l. at .@..=..!. 0x0010: c0a8 21c7 2710 041e f57a 1c20 f519 471c ..!.'....z....G. 0x0020: 5018 1920 1957 0000 4854 5450 2f31 2e31 P....W..HTTP/1.1 0x0030: 2034 3034 2046 696c 6520 6e6f 7420 666f .404.File.not.fo 0x0040: 756e 640d 0a53 6572 7665 723a 2052 6578 und..Server:.Rex 0x0050: 0d0a 436f 6e74 656e 742d 5479 7065 3a20 ..Content-Type:. 0x0060: 7465 7874 2f68 746d 6c0d 0a43 6f6e 7465 text/html..Conte 0x0070: 6e74 2d4c 656e 6774 683a 2031 3431 0d0a nt-Length:.141.. 0x0080: 436f 6e6e 6563 7469 6f6e 3a20 4b65 6570 Connection:.Keep 0x0090: 2d41 6c69 7665 0d0a 0d0a 3c68 746d 6c3e -Alive....<html> 0x00a0: 3c68 6561 643e 3c74 6974 6c65 3e34 3034 <head><title>404 0x00b0: 204e 6f74 2046 6f75 6e64 3c2f 7469 746c .Not.Found</titl 0x00c0: 653e 3c2f 6865 6164 3e3c 626f 6479 3e3c e></head><body>< 0x00d0: 6831 3e4e 6f74 2066 6f75 6e64 3c2f 6831 h1>Not.found</h1 0x00e0: 3e54 6865 2072 6571 7565 7374 6564 2055 >The.requested.U 0x00f0: 524c 202f 2077 6173 206e 6f74 2066 6f75 RL./.was.not.fou 0x0100: 6e64 206f 6e20 7468 6973 2073 6572 7665 nd.on.this.serve 0x0110: 722e 3c70 3e3c 6872 3e3c 2f62 6f64 793e r.<p><hr></body> 0x0120: 3c2f 6874 6d6c 3e </html> It seems to me that problem is Rex is unable to serve the resource.
Current thread:
- PassiveX-based payloads and MS06-055 Angelo Dell'Aera (Mar 13)
- PassiveX-based payloads and MS06-055 mmiller at hick.org (Mar 13)
- PassiveX-based payloads and MS06-055 Angelo Dell'Aera (Mar 13)
- PassiveX-based payloads and MS06-055 Angelo Dell'Aera (Mar 13)
- PassiveX-based payloads and MS06-055 mmiller at hick.org (Mar 13)
- PassiveX-based payloads and MS06-055 Angelo Dell'Aera (Mar 14)
- PassiveX-based payloads and MS06-055 mmiller at hick.org (Mar 14)
- PassiveX-based payloads and MS06-055 Angelo Dell'Aera (Mar 16)
- PassiveX-based payloads and MS06-055 Angelo Dell'Aera (Mar 13)
- PassiveX-based payloads and MS06-055 mmiller at hick.org (Mar 13)