Metasploit mailing list archives

Re: AdobeLibTiffquestion

From: Shohn <bigshohn () yahoo com>
Date: Thu, 3 Jun 2010 08:32:30 -0500

I just tested last night using the reverse_tcp meterpreter on Windows XP SP3
with adobe 9.2 and it worked. Is something checking that outbound ssl is
actually ssl?

Since we're on the subject, has anyone had any luck with bypassing A/V
and/or different ways of encoding this and some of the other adobe exploits?
In particular, I'm curious if there is to be or already exists some sort of
obfuscation module for the javascript / tiff parts. For example, for the
newplayer bug, it looks like Symantec AV triggers on something like
this.media.newPlayer because this.media.newXlayer is not detected as
anything.

Shohn


On Thu, Jun 3, 2010 at 7:56 AM, f10 410 <presseften () gmail com> wrote:

Hi 4all!

I try this tutorial http://www.youtube.com/watch?v=Ars45ojFAtw but it did
not work, I'm using windows/meterpreter/reverse_https payload but I cant get
any result:( my test box is WinXP SP3 Adobe Reader 9.1, i tried it on
LAN(wired an wireless also), wireshark gives null result.
If somebody has any idea please send it me.
Thanks!

Regards F10!

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

Current thread:

AdobeLibTiffquestion f10 410 (Jun 03)
- Re: AdobeLibTiffquestion HD Moore (Jun 03)
- Re: AdobeLibTiffquestion Shohn (Jun 03)
  - Re: AdobeLibTiffquestion Shohn (Jun 03)