Metasploit mailing list archives

Re: reverse meterpreter using internet explorer proxy settings of the victim machine


From: scriptjunkie <scriptjunkie1 () googlemail com>
Date: Sun, 1 Aug 2010 18:42:31 -0400

That payload does not exist right now.

But it would be useful to have. If you want to create it, here's what
I would do:
Try a direct connection;
Look at HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings for ProxyServer settings and try the proxy listed;
If there is none, or that doesn't work, the client may be using proxy
auto-config. Look at using WinHTTP to find the proxy settings. You
will need to find those settings, then call WinHttpGetProxyForUrl to
figure out what proxy to use. See
http://msdn.microsoft.com/en-us/library/aa384122%28VS.85%29.aspx
If automatically finding it does not work, or IE is set to use a
different PAC URL, then look in the registry for that URL and use the
WinHTTP functions to figure out what proxy you will use.
Then once you have the proxy, make a connect request, and turn control
over to the meterpreter dll.
As you can see, it is complicated to cover every configuration. If you
create the payload, please share.


On Sun, Aug 1, 2010 at 12:39 AM, Augusto Pereyra <aepereyra () gmail com> wrote:
   I'd like to know if it is possible to create some kind of payload to make a
   reverse connection to the attacker IP using the iexplorer's proxy
   settings. I know some details about the PassiveX payload but it is
   useless against Internet Explorer 7 or 8.
   I will appreciate your answer.
   Augusto Pereyra
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework




-- 
scriptjunkie
https://scriptjunkie1.wordpress.com/