Metasploit mailing list archives
Metasploit vs Core Impact "Set as Source" Option
From: danuxx at gmail.com (Danux)
Date: Mon, 17 Sep 2007 17:03:06 -0500
Excellent, and let me tell you that is the same as how Core Impact works!!!!!! Thanks in advance

On 9/14/07, cg <lists at carnal0wnage.com> wrote:
> I don't have Core Impact so I'm not real familiar with the command you listed, but I did a couple of blog posts on using the route command in msfconsole to route through a meterpreter session.
>
> The short of it is:
>
> route add IP SUBNET SESSION#
>
> ex.
> msf exploit(ms06_040_netapi) > route add 172.16.0.0 255.255.0.0 1
>
> I'll throw in the caveat that I did it all in VMware so there may be some VMware trickery going on, but I think it works as described. The good (??) thing about security is that if I am wrong, I'm sure I'll have about 10 emails letting me know within the hour :-)
>
> Here are the posts:
> http://carnal0wnage.blogspot.com/2007/09/using-metasploit-to-pivot-through.html
> http://carnal0wnage.blogspot.com/2007/09/using-metasploit-to-pivot-through_06.html
>
> Hope that helps.
>
> -CG
>
> On Fri, 2007-09-14 at 13:32 -0500, Danux wrote:
> > Ok, thanks in advance for my last question. I have another question: I know that through meterpreter we can use its modules in order to redirect a port from the victim machine to another one in the LAN, but is there something like the "Set as Source" option used in Core Impact, so that we can compromise another network segment? If so, do you have an example?
> >
> > On 9/14/07, H D Moore <hdm at metasploit.com> wrote:
> > > These are two different things. To use the MSN exploit, you need to force MSN to load this exploit DLL into memory. This is normally done by a sequence of open process, alloc mem, start thread, loadlibrary calls to the target process. The metasploit DLL injection payloads work by exploiting a target process and then loading a DLL into memory. In this case, you want to load a DLL on the attacking side, to exploit a different host.
> > >
> > > On Friday 14 September 2007 12:23, Danux wrote:
> > > > They say I need to: "inject the dll to msn messenger .... process. I know metasploit already works that way but I would like to learn how to do it manually. I have no skill in DLL programming or injection; do you have a tutorial or something like that to understand it?
--
Danux, CISSP
Chief Information Security Officer
Macula Security Consulting Group
www.macula-group.com