Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: browser_autopwn script issues

From: Carlos Perez <carlos_perez () darkoperator com>
Date: Sat, 2 Oct 2010 15:53:43 -0400
The only script supported under java Meterpreter ios multicommand and multiconsole scripts. 

Cheers,
Carkis

On Oct 2, 2010, at 3:23 PM, Miguel Rios wrote:



Hi,

Quick question on how to get my scripts to run once meterpreter shell is available with browser_autopwn (great script 
I just started experimenting with)
.
I tried to set InitialAutoRunScript to multiscript.rb -rc /path/todo.lst. Then on my todo.lst I have stuff like 
winenum, scraper, etc.

I noticed that after popping my win 7 running firefox with a java metepreter (why java was chosen I don't know), i do 
get a session but my scripts don't get run. Am I doing something wrong here?
I also noticed that the java meterpreter couldn't run a bunch of scripts and commands when I tried to do it manually. 
Specifically ps failed, firefox enum isn't supported and upload and execute also failed with some type of file path 
error (couldn't create the file in %temp% which is weird since any user should be able to do that). Other more basic 
commands like sysinfo getuid worked fine.

Anyway, I've noticed also that some other java things have been strange lately, like rel1k's java applet attack 
method suddenly stopped working for me (ie the applet is run by the client but nothing happens, sometimes even opens 
up a dos window showing java.exe is running but no shell or outbound connections occur). Was there some kind of major 
update of java that has broken some of our tools or is it likely just a coincidence?

Thanks Egypt for an awesome tool. I was hoping one could maybe add a priority list of exploits (ie try aurora first, 
then quicktime, etc) and choose different payloads according to the user agent (ie I'd rather have a regular windows 
meterpreter shell than java, or even a reverse https meterpreter payload).

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework



_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: