Metasploit mailing list archives
Framework Digest, Vol 17, Issue 15
From: beenudel1986 at gmail.com (Beenu Arora)
Date: Mon, 15 Jun 2009 19:04:22 -0700
there is already an option to download and execute binary from remote server and path for the stealth backdoor can be given , On Mon, Jun 15, 2009 at 12:00 PM, <framework-request at spool.metasploit.com>wrote:
Send Framework mailing list submissions to framework at spool.metasploit.com To subscribe or unsubscribe via the World Wide Web, visit https://mail.metasploit.com/mailman/listinfo/framework or, via email, send a message with subject or body 'help' to framework-request at spool.metasploit.com You can reach the person managing the list at framework-owner at spool.metasploit.com When replying, please edit your Subject line so it is more specific than "Re: Contents of Framework digest..." Today's Topics: 1. meta script idea (ricky-lee birtles) 2. Re: meta script idea (Carlos P?rez) ---------------------------------------------------------------------- Message: 1 Date: Mon, 15 Jun 2009 12:53:33 +0100 From: ricky-lee birtles <mr.r.birtles at gmail.com> Subject: [framework] meta script idea To: framework at spool.metasploit.com Message-ID: <7098191d0906150453j155e0009k183d9934008b7e54 at mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1 A number of times I have had a session closed onto me due to either process terminating, or bad choice of a process to migrate to. Either way sometimes when we exploit a client by one way or another. Its hard and not ideal to try and exploit the client again, maybe they will get wise or supisuse as to while you are asking them to reopen that pdf/doc or exe up again. So I was wondering if anyone has thought about a meterpreter script that will upon receiving a session upload something like a meterpreter exe payload an set it up to auto run either on start up or at set intervals. I was just wondering if anything like this is already out there or not. Mr R Birtles ------------------------------ Message: 2 Date: Mon, 15 Jun 2009 08:25:29 -0400 From: Carlos P?rez <carlos_perez at darkoperator.com> Subject: Re: [framework] meta script idea To: ricky-lee birtles <mr.r.birtles at gmail.com> Cc: "framework at spool.metasploit.com" <framework at spool.metasploit.com> Message-ID: <68BEECA7-9649-45E8-ADA4-35C6D3EF0127 at darkoperator.com> Content-Type: text/plain; charset=us-ascii; format=flowed; delsp=yes The script is called scheduleme.rb you can use it to upload a meterpreter exe and schedule it in any of the intervals provided, be aware that it does not work with xp home edition and windows 2000 or erlier Sent from my iPhone On Jun 15, 2009, at 7:53 AM, ricky-lee birtles <mr.r.birtles at gmail.com> wrote:A number of times I have had a session closed onto me due to either process terminating, or bad choice of a process to migrate to. Either way sometimes when we exploit a client by one way or another. Its hard and not ideal to try and exploit the client again, maybe they will get wise or supisuse as to while you are asking them to reopen that pdf/doc or exe up again. So I was wondering if anyone has thought about a meterpreter script that will upon receiving a session upload something like a meterpreter exe payload an set it up to auto run either on start up or at set intervals. I was just wondering if anything like this is already out there or not. Mr R Birtles _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework------------------------------ _______________________________________________ Framework mailing list Framework at spool.metasploit.com https://mail.metasploit.com/mailman/listinfo/framework End of Framework Digest, Vol 17, Issue 15 *****************************************
-- Beenu Arora M.C.S.E. , C|EH +91-9911254288 www.BeenuArora.com -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090615/074ee2c3/attachment.htm>
Current thread:
- Framework Digest, Vol 17, Issue 15 Beenu Arora (Jun 15)