Metasploit mailing list archives
Running milw0rm Apple QuickTime 7.2/7.3 RSTP Response Universal Exploit (win/osx) oddity
From: jeffs at speakeasy.net (Jeffs)
Date: Thu, 29 Nov 2007 17:26:07 -0500
In my attempts to dissect and understand how to place a .rb module into Metasploit framework3, I happened today upon the Apple QuickTime 7.2/7.3 RSTP Response Universal Exploit (win/osx) a.k.a. 4673.rb file, which I believe was just posted to Milw0rm. Looking at it I see that it does not contain the necessary information for inclusion in the Metasploit directories in BT2 (although I'd like to know how to place it there so the .msfgui and msfweb can see it). If I put it into any directory under framework3 and then run either .msfgui or msfweb, this is what happens: *] Starting msfweb v3.1-dev on http://127.0.0.1:55555/ => Booting WEBrick... Quicktime 7.3 RTSP Response Content-Type Header Stack Buffer Overflow exploit Copyright (C) 2007, Subreption LLC. All rights reserved. /pentest/exploits/framework3/msfweb: RTSP Listening on 0.0.0.0:554, serving GQeDGXybEgXI.mp3 /pentest/exploits/framework3/msfweb: RTSP URL: rtsp://0.0.0.0:554/GQeDGXybEgXI.mp3 apparently it starts to run the exploit. I know this is not HOW to do it correctly, so can someone point me in the right direction on what parameters need to be included in the 4673.rb file at Milw0rm to make it show up in the .msfgui or .msfweb. I know there is already a module there for this exploit, but this one I believe is newer and has more bells and whistles. Thank for any *constructive* comments you may wish to pass to me.
Current thread:
- Running milw0rm Apple QuickTime 7.2/7.3 RSTP Response Universal Exploit (win/osx) oddity Jeffs (Nov 29)
- Running milw0rm Apple QuickTime 7.2/7.3 RSTP Response Universal Exploit (win/osx) oddity mmiller at hick.org (Nov 29)
- Running milw0rm Apple QuickTime 7.2/7.3 RSTP Response Universal Exploit (win/osx) oddity H D Moore (Nov 29)