Metasploit mailing list archives
Re: Help: Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow
From: Julião Barbin <juliobarbin () hotmail com>
Date: Mon, 26 Jul 2010 09:21:23 -0300
Ok,Thanks for the help,jcb
Date: Sun, 25 Jul 2010 21:26:56 -0500 From: jdrake () metasploit com To: juliobarbin () hotmail com CC: framework () spool metasploit com Subject: Re: [framework] Help: Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow On Tue, Jul 20, 2010 at 12:09:08PM -0300, Juli?o Barbin wrote:Good evening friends, on my pc found the flaw Messenger ActiveX Control Buffer Overflow YVerInfo.dll then entered the site and searched the metasploit failure CVE-2007-4515, if the typed commands as the link http://www.metasploit.com/modules/exploit/windows/browser/yahoomessenger_fvcom and ran the command exploit ... there was [*] Exploit running the background job [-] Handler failed to bind to 10.20.4.63:4444 (where the machine is vulnerable) [*] Started reverse handler on 0.0.0.0:4444 [*] Unsing URL: http://0.0.0.0:8080/S85gRUvyp0 [*] Local IP: http://10.20.6.126:8080 / S85gRUvyp0 [*] Server Started.You appear to have used LHOST incorrectly. Based on the output provided, you should set it to 10.20.6.126 (LHOST == listen host). After running the exploit, you'll still need to convince a user on that machine to visit your web site (http://10.20.6.126:8080/S85gRUvyp0) Hope this helps, -- Joshua J. Drake
_________________________________________________________________ TRANSFORME SUAS FOTOS EM EMOTICONS PARA O MESSENGER. CLIQUE AQUI PARA COMEÇAR. http://ilm.windowslive.com.br/?ocid=ILM:Live:Hotmail:Tagline:senDimensao:TRANSFORME78:-
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Help: Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow Julião Barbin (Jul 20)
- Re: Help: Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow Joshua J. Drake (Jul 25)
- Re: Help: Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow Julião Barbin (Jul 26)
- Re: Help: Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer Overflow Joshua J. Drake (Jul 25)