Metasploit mailing list archives
Re: Help: Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow
From: "Joshua J. Drake" <jdrake () metasploit com>
Date: Sun, 25 Jul 2010 21:26:56 -0500
On Tue, Jul 20, 2010 at 12:09:08PM -0300, Juli?o Barbin wrote:
Good evening friends, on my pc found the flaw Messenger ActiveX Control Buffer Overflow YVerInfo.dll then entered the site and searched the metasploit failure CVE-2007-4515, if the typed commands as the link http://www.metasploit.com/modules/exploit/windows/browser/yahoomessenger_fvcom and ran the command exploit ... there was [*] Exploit running the background job [-] Handler failed to bind to 10.20.4.63:4444 (where the machine is vulnerable) [*] Started reverse handler on 0.0.0.0:4444 [*] Unsing URL: http://0.0.0.0:8080/S85gRUvyp0 [*] Local IP: http://10.20.6.126:8080 / S85gRUvyp0 [*] Server Started.
You appear to have used LHOST incorrectly. Based on the output provided, you should set it to 10.20.6.126 (LHOST == listen host). After running the exploit, you'll still need to convince a user on that machine to visit your web site (http://10.20.6.126:8080/S85gRUvyp0) Hope this helps, -- Joshua J. Drake
Attachment:
_bin
Description:
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Help: Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow Julião Barbin (Jul 20)
- Re: Help: Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow Joshua J. Drake (Jul 25)
- Re: Help: Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow Julião Barbin (Jul 26)
- Re: Help: Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow Joshua J. Drake (Jul 25)