Metasploit mailing list archives
ms10_xxx_helpctr_xss_cmd_exec obfuscation
From: One Time <onetime99 () ymail com>
Date: Fri, 18 Jun 2010 14:21:51 +0000 (GMT)
Hi, "ms10_xxx_helpctr_xss_cmd_exec" is working without any problem but I can't figure out how to properly obfuscate the HTML/Javascript code generated by metasploit for the exploitation. I tried to set the the various HTML::javascript::escape, HTML::base64 ecc variables but when I launch the "exploit" command metasploit always generate a perfectly readable HTML page and my test AV (AVG free) is flagging and blocking it as an exploit. Can someone point me in the right direction? Is it possible to obfuscate the payload and the HTML page in some way using only metasploit framework tools/options? Thank you for your support and your hard work.
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- ms10_xxx_helpctr_xss_cmd_exec obfuscation One Time (Jun 18)
- Targeting PDAs Jeffs (Jun 19)