Metasploit mailing list archives

Re: How can I put my own dll in webdav_dll_HijackerExploit?

From: "Phrack" <phrackchen () hotmail com>
Date: Fri, 24 Sep 2010 14:11:32 +0800

I copied webdav_dll_Hijacker to webdav_dll_Hijacker2 and inserted
"p.encode='my encoded shellcode'" before "data = generate_payload_dll({
:code => p.encoded })" into it. It worked as expected. Thank HD and Joshua.


But if I use the default webdav_dll_Hijacker and set encoder shikata_ga_nai,
it send me an error message when the job send dll to my target. Is my doing
wrong in somewhere or this encoder not supported by webdab_dll_hijacker?

--------------------------------------------------
From: "HD Moore" <hdm () metasploit com>
Sent: Tuesday, September 21, 2010 11:42 PM
To: <framework () spool metasploit com>

Subject: Re: [framework] How can I put my own dll inwebdav_dll_HijackerExploit?

On 9/21/2010 10:02 AM, Phrack Chen wrote:

Hi,

I found that the default payload of webdav_dll_Hijacker can be detected
and prevented by many AVs and IDSs. I generated my own dll which can
execute a meterpreter/reverse_https payload in an exe file, the two
files can bypass all AVs and IDSs I have. But I don't know how to put
them in webdav_dll_Hijacker of Metasploit3 after looking up the
webdav_dll_hijacker.rb. Can anyone give me a quick answer?


Modify the module or rename it and patch it allow an arbitrary DLL
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

Current thread:

How can I put my own dll in webdav_dll_Hijacker Exploit? Phrack Chen (Sep 21)
- Re: How can I put my own dll in webdav_dll_Hijacker Exploit? HD Moore (Sep 21)
  - Re: How can I put my own dll in webdav_dll_HijackerExploit? Phrack (Sep 23)
- Re: How can I put my own dll in webdav_dll_Hijacker Exploit? Joshua J. Drake (Sep 21)