Metasploit mailing list archives
Internet Explorer createTextRange() Code Execution
From: morning_wood at frame4.com (Donnie Werner)
Date: Tue, 3 Apr 2007 12:02:05 -0700
All of the browser exploits work the same way -- you run the exploit, the exploit creates a listening web server and a URL handler. To get code execution, you need to send vulnerable clients to your web server. How you do this depends on the situation, but the easiest way is to just email or instant message the link to the victims.
I have had very good success with client side exploits in Metasploit. My best results come from launching the exploit, create a local html file pointing to the exploit server. Open file via browser, right click link and save as. What you have now is a standalone html file with all the code in it. Simply host this file or imbed as an IFRAME, send your targets to your hosted file. enjoy! This has worked nearly flawlessly, and there is no need to keep your MSF open, running, or listening. cheers, Donnie ( M.W ) Werner http://www.zone-h.org
Current thread:
- Internet Explorer createTextRange() Code Execution Rory Garton Smith (Apr 03)
- Internet Explorer createTextRange() Code Execution H D Moore (Apr 03)
- Internet Explorer createTextRange() Code Execution Donnie Werner (Apr 03)
- Internet Explorer createTextRange() Code Execution Rory Garton Smith (Apr 04)
- Internet Explorer createTextRange() Code Execution Donnie Werner (Apr 04)
- Internet Explorer createTextRange() Code Execution Donnie Werner (Apr 03)
- Internet Explorer createTextRange() Code Execution H D Moore (Apr 03)
- Internet Explorer createTextRange() Code Execution Michael Wood (Apr 03)