Metasploit mailing list archives
using metasploit along with web proxies
From: kcrond ubun <kcrond () gmail com>
Date: Mon, 30 Aug 2010 09:29:08 +0800
Hi, I would like to find out if the proxies options is extended to the meterpreter? I.e. can I set the meterpreter to pass through my proxy IP address before connecting back to the listener? Thanks Kcrond On Fri, Aug 27, 2010 at 11:33 PM, <framework-request () spool metasploit com>wrote:
Send framework mailing list submissions to framework () spool metasploit com To subscribe or unsubscribe via the World Wide Web, visit https://mail.metasploit.com/mailman/listinfo/framework or, via email, send a message with subject or body 'help' to framework-request () spool metasploit com You can reach the person managing the list at framework-owner () spool metasploit com When replying, please edit your Subject line so it is more specific than "Re: Contents of framework digest..." Today's Topics: 1. Dynamically Generated Final Stages (Ty Miller) 2. middle stage listener and threads (Ty Miller) 3. How to write a metasploit module (peppux) 4. Re: How to write a metasploit module (ricky-lee birtles) 5. Re: How to write a metasploit module (NSO Research) 6. test/aggressive (Florian Roth) 7. using metasploit along with web proxies (Binoy Dalal) 8. Re: using metasploit along with web proxies (Lukas Kuzmiak) 9. Re: using metasploit along with web proxies (c0lists) 10. Re: test/aggressive (egypt () metasploit com) ---------------------------------------------------------------------- Message: 1 Date: Fri, 27 Aug 2010 08:13:26 +1000 From: Ty Miller <tyronmiller () gmail com> To: framework () spool metasploit com Subject: [framework] Dynamically Generated Final Stages Message-ID: <AANLkTinmOKXhur73LcCxf7z3dC0oVcO7sjrVcB6h-JKL () mail gmail com> Content-Type: text/plain; charset="iso-8859-1" Hey guys, When writing staged shellcode for metasploit, how do you get the final stage that was selected by the user (eg, meterpreter or shell or bind, etc) to be dynamically included within the module or handler? For example, say that a user selects the payload "windows/meterpreter/awesome_payload" then the meterpreter stage needs to be dynamically generated and used by the handler to tunnel it through to the compromised host (or soon to be compromised host). But if the user selects the payload "windows/shell/awesome_payload" then the shell stage needs to be dynamically generated and passed to the compromised host via the handler. Do I need to use msfpayload within the handler or something? Thanks, Ty -------------- next part -------------- An HTML attachment was scrubbed... URL: < http://mail.metasploit.com/pipermail/framework/attachments/20100827/06513315/attachment-0001.html------------------------------ Message: 2 Date: Fri, 27 Aug 2010 08:43:56 +1000 From: Ty Miller <tyronmiller () gmail com> To: framework () spool metasploit com Subject: [framework] middle stage listener and threads Message-ID: <AANLkTi=9O-QYk4Q5d8ny9-AiJm-L4pexOYoSMq2_wi7W () mail gmail com> Content-Type: text/plain; charset="iso-8859-1" Hey Guys, Whats the best way when developing payloads to implement a middle stager to handle the communication between the final stage (like meterpreter or shell) and the msfconsole? I was thinking of using bind_tcp with the final stage, and the middle stage read/write to the local listening port. Is there a better way? Also, to split the payload into a middle stage and the final stage so that they are running at the same time, I was thinking of using threads for Windows. Would this be the right way to go? Thx, Ty -------------- next part -------------- An HTML attachment was scrubbed... URL: < http://mail.metasploit.com/pipermail/framework/attachments/20100827/96446db1/attachment-0001.html------------------------------ Message: 3 Date: Fri, 27 Aug 2010 11:59:24 +0200 From: peppux <peppux () gmail com> To: framework () spool metasploit com Subject: [framework] How to write a metasploit module Message-ID: <AANLkTi=piLxuP2M_UwhGh4fuif3zAKSFAPCxPEssmcD_ () mail gmail com> Content-Type: text/plain; charset=ISO-8859-1 Hello guys, I would like to learn how to write modules for Metasploit. Is there any tutorials online? ------------------------------ Message: 4 Date: Fri, 27 Aug 2010 11:11:19 +0100 From: ricky-lee birtles <mr.r.birtles () gmail com> To: framework () spool metasploit com Subject: Re: [framework] How to write a metasploit module Message-ID: <AANLkTim1az0G+8dHw-df6-GyCq8T23goFVZGiOvkxQA9 () mail gmail com<AANLkTim1az0G%2B8dHw-df6-GyCq8T23goFVZGiOvkxQA9 () mail gmail com>Content-Type: text/plain; charset=ISO-8859-1 http://www.offensive-security.com/metasploit-unleashed/ - 14 Building a Module also keep you eye on the following http://www.metasploit.com/redmine/projects/framework/wiki/DeveloperGuide Regards, -- Mr R Birtles On 27 August 2010 10:59, peppux <peppux () gmail com> wrote:Hello guys, I would like to learn how to write modules for Metasploit. Is there any tutorials online? _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework------------------------------ Message: 5 Date: Fri, 27 Aug 2010 12:13:32 +0200 From: NSO Research <nso-research () sotiriu de> To: framework () spool metasploit com Subject: Re: [framework] How to write a metasploit module Message-ID: <4C778FCC.9010900 () sotiriu de> Content-Type: text/plain; charset=ISO-8859-1 http://www.offensive-security.com/metasploit-unleashed/ Am 27.08.2010 11:59, schrieb peppux:Hello guys, I would like to learn how to write modules for Metasploit. Is there any tutorials online? _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework------------------------------ Message: 6 Date: Fri, 27 Aug 2010 12:25:38 +0200 From: Florian Roth <Neo.X () web de> To: framework () spool metasploit com Subject: [framework] test/aggressive Message-ID: <1282904738.1744.10.camel@ubuntu> Content-Type: text/plain; charset="UTF-8" Can anybody tell me what this exploit is good for? test/aggressive I dont understand the brief description. Is there a piece of documentation describing what it does? -- Sincerely Saludos cordiales Florian ------------------------------ Message: 7 Date: Fri, 27 Aug 2010 18:03:56 +0530 From: Binoy Dalal <lttazz99 () gmail com> To: framework () spool metasploit com Subject: [framework] using metasploit along with web proxies Message-ID: <AANLkTinByp_ZG-XaWGY7Oy2khPKzqLCWZj5chzk3dFu7 () mail gmail com> Content-Type: text/plain; charset="iso-8859-1" can i use metasploit along with a web proxy? if yes then how can i do it? thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: < http://mail.metasploit.com/pipermail/framework/attachments/20100827/e6074442/attachment-0001.html------------------------------ Message: 8 Date: Fri, 27 Aug 2010 14:46:15 +0200 From: Lukas Kuzmiak <metasploit () backstep net> To: Binoy Dalal <lttazz99 () gmail com> Cc: framework () spool metasploit com Subject: Re: [framework] using metasploit along with web proxies Message-ID: <AANLkTim5hOD1gkXw7TTp4JGySe8wzkQZBO1ypkVzac=R () mail gmail com> Content-Type: text/plain; charset="iso-8859-1" Hi, some of auxiliary modules and exploits have an option called PROXIES where you can specify you want to use proxy, however you can use tools like proxychains to do this as well. Lukas Only wimps use tape backup: _real_ men just upload their important stuff on ftp, and let the rest of the world mirror it ;). Torvalds, Linus (1996-07-20). On Fri, Aug 27, 2010 at 2:33 PM, Binoy Dalal <lttazz99 () gmail com> wrote:can i use metasploit along with a web proxy? if yes then how can i do it? thanks _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework-------------- next part -------------- An HTML attachment was scrubbed... URL: < http://mail.metasploit.com/pipermail/framework/attachments/20100827/e41fc1c6/attachment-0001.html------------------------------ Message: 9 Date: Fri, 27 Aug 2010 08:48:14 -0400 From: c0lists <lists () carnal0wnage com> To: Binoy Dalal <lttazz99 () gmail com> Cc: framework () spool metasploit com Subject: Re: [framework] using metasploit along with web proxies Message-ID: <AANLkTinAWWchskUrHeSTmMpODCxYnXcSFs0XQmMw+5t2 () mail gmail com<AANLkTinAWWchskUrHeSTmMpODCxYnXcSFs0XQmMw%2B5t2 () mail gmail com>Content-Type: text/plain; charset=ISO-8859-1 set Proxies socks4:127.0.0.1:5555 set Proxies socks5:127.0.0.1:5555 or for http proxy type: set Proxies http:ip:port On Fri, Aug 27, 2010 at 8:33 AM, Binoy Dalal <lttazz99 () gmail com> wrote:can i use metasploit along with a web proxy? if yes then how can i do it? thanks _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework------------------------------ Message: 10 Date: Fri, 27 Aug 2010 09:33:08 -0600 From: egypt () metasploit com To: Florian.Roth () email de Cc: framework () spool metasploit com Subject: Re: [framework] test/aggressive Message-ID: <AANLkTi==m1u+mbjAKehq_UzMxL1jshDkthi+J9LLj9iv () mail gmail com<m1u%2BmbjAKehq_UzMxL1jshDkthi%2BJ9LLj9iv () mail gmail com>Content-Type: text/plain; charset=ISO-8859-1 Everything under exploit/test/ is for testing the framework in some way. exploit/test/aggressive can be used with a service that reads data from a socket and jmps to it. Hope this helped, egypt On Fri, Aug 27, 2010 at 4:25 AM, Florian Roth <Neo.X () web de> wrote:Can anybody tell me what this exploit is good for? test/aggressive I dont understand the brief description. Is there a piece of documentation describing what it does? -- Sincerely Saludos cordiales Florian _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework------------------------------ _______________________________________________ framework mailing list framework () spool metasploit com https://mail.metasploit.com/mailman/listinfo/framework End of framework Digest, Vol 31, Issue 20 *****************************************
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- using metasploit along with web proxies Binoy Dalal (Aug 27)
- Re: using metasploit along with web proxies Lukas Kuzmiak (Aug 27)
- Re: using metasploit along with web proxies c0lists (Aug 27)
- <Possible follow-ups>
- using metasploit along with web proxies kcrond ubun (Aug 29)
- Re: using metasploit along with web proxies HD Moore (Aug 30)