Metasploit mailing list archives
query on exploit/windows/browser/apple_quicktime_rtsp
From: nkanaskar at hotmail.com (Nitin Kanaskar)
Date: Mon, 9 Feb 2009 08:21:32 -0600
Thanks a lot to Aczire, who helped me understand some basics. Thanks to Patrick and webDEVIL also for your inputs.

I am trying to connect from my XP browser using URI - http://127.0.0.1:4444/CFRhDQoemBCJ
It says 'page cannot be displayed'. I also tried - http://192.168.2.128:4444/CFRhDQoemBCJ. 192.168.2.128 is my BT3 virtual machine (VM) IP. Network connection is NAT for the VM sharing IP with the host XP. I don't see anything happening on the MSF console after the 'Server started' msg.

Any idea what I am doing wrong? Or anything I can do to debug?

Nitin

From: aczire at gmail.com
To: nkanaskar at hotmail.com
Subject: RE: [framework] query on exploit/windows/browser/apple_quicktime_rtsp
Date: Mon, 9 Feb 2009 19:04:37 +0530

Hello Nitin,

It seems you are new to client side exploitation, but don't feel bad, I too

What exactly is going on is, you have one BT3 image or machine up and running with a Metasploit job for Apple QuickTime. What Metasploit did is, it just started one web server on your BT3 with port 4444. See this?

[*] Using URL http://127.0.0.1:4444/CFRhDQoemBCJ
[*] Server started.

And the exploit URL is "CFRhDQoemBCJ".

What happens now is, when a victim connects to the above URL, Metasploit sends out the malformed QuickTime streaming packets which cause a buffer overflow in the browser, be it IE, FF or Safari. The shell code is executed in the context of the browser owner, that's the victim user. If the user has administrative privilege then the shell code could do anything. That's why it's instructed not to browse the web, especially porn and crack sites, as administrator or from an account with administrative privilege.

Hope you are a bit more clear now,