Metasploit mailing list archives
Spam: InternetExplorer Payloads
From: robin.kipp at gmx.de (Robin Kipp)
Date: Tue, 31 Jul 2007 00:09:33 +0200
Hey all, Just downloaded Metasploit and it really seems to be fun, I just successfully nuked the ICS service in my network. Now I wanted to exploit InternetExplorer 6 on my Windows XP Sp2 laptop. Some of the exploits displayed some strange signs in the browser window, and some even closed the InternetExplorer with an error message. However, I wasn't able to control my laptop from a command shell on my comp. Here's exactly what happens: For example, let's select the Internet Explorer createTextRange() Code Execution on the web console. As the target, I select Internet Explorer 6 - (6.0.3790.0 - Windows XP SP2). Then, I select generic/shell_bind_tcp on the next screen to get a console when someone connected to my server. SRVHOST is my intranet IP, SRVPORT is 8080, URIPATH is "exp" and LPORT is 4444. Now when I click on "Launch Exploit", The following lines appear: # # ###### ##### ## #### ##### # #### # ##### ## ## # # # # # # # # # # # # # ## # ##### # # # #### # # # # # # # # # # # ###### # ##### # # # # # # # # # # # # # # # # # # # # # ###### # # # #### # ###### #### # # =[ msf v3.0 + -- --=[ 191 exploits - 106 payloads + -- --=[ 17 encoders - 5 nops =[ 36 aux [*] Using URL: http://192.168.1.111:8080/exp [*] Server started. [*] Exploit running as background job. Now let's open the URL http://192.168.1.111:8080/exp from the laptop. A % sign appears in the browser window and the line [*] Started bind handler Appears in the web console. However, when I go to "sessions", I don't see anything helpful, just the message that there are no sessions. Is there anything I can do so I can exploit my own InternetExplorer? :-) Thanks! Robin
Current thread:
- Spam: InternetExplorer Payloads Robin Kipp (Jul 30)
- Spam: InternetExplorer Payloads Patrick Webster (Jul 30)
- Nessus Report Import Tim Schellenberger (Jul 31)
- Spam: RE: Spam: InternetExplorer Payloads Robin Kipp (Jul 31)
- Spam: RE: Spam: InternetExplorer Payloads Jerome Athias (Jul 31)
- <Possible follow-ups>
- Spam: InternetExplorer Payloads Rohit Srivastwa (Jul 30)
- Spam: InternetExplorer Payloads Patrick Webster (Jul 30)