Metasploit mailing list archives

Re: LNK Exploit Export


From: Hendrik Baecker <andurin () process-zero de>
Date: Sun, 25 Jul 2010 10:30:48 +0200



On 24.07.10 21:47, Florian Roth wrote:

> I noticed that every time I copied the generated DLL and LNK file to a
> different directory, the exploit does not work anymore. So I suppose
> that the code is bound to a fixed path where the DLL has to be located.

Don't suppose - know!

hexdump -C /path/to/your.lnk ^^

> I'd like to send the exploit to a friend who wants to demonstrate the
> impact to the rest of the IT staff.
> Is there a possibility to export the exploit or change the absolute path
> to the DLL so he is able to put the LNK and DLL to i.e. "C:\" ??


I would try to hexedit the lnk to change the voodoo you found by
hexdump. Didn't try it myself yet, maybe some more knowledge about LNK
file structure / the weak M$ code is needed.
I wouldn't say the DLL itself might be a problem - it's just a PE DLL'd
payload.

Back to your question - I'm not aware of an export function in metasploit.

Cheerio!
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

