Metasploit mailing list archives
Re: new exploit windows/browser/java_basicservice_impl doesn't accept win payloads?
From: Eric <dkn4a1 () gmail com>
Date: Wed, 24 Nov 2010 11:33:46 +0530
On Tue, Nov 23, 2010 at 9:18 PM, Miguel Rios <miguelrios35 () yahoo com> wrote:
The reason i want to have an html file to play around with instead of on the fly html serving is that one could throw in an iframe pointing to another machine waiting full of exploits so that as the java_basicservice_impl exploit is served up we can direct our victim onwards. The way it's setup now is that if the vic is not vulnerable to the java_basicservice_impl exploit then that's it, you can't exploit them further. I hope I'm making some sense here.
The way I use to do this is using wget, like set up local server and $ wget --user-agent=Mozilla\/4.0\ \(compatible\;\ MSIE\ 7.0\;\ Windows\ NT\ 6.0\) URL OR In case if there are more files associated than only HTML file you can change the user-agent in firefox using this 'user-agent-switcher' addon and change to appropriate user agent. Then browse. Hope that helps.
--- On *Mon, 11/22/10, egypt () metasploit com <egypt () metasploit com>* wrote: From: egypt () metasploit com <egypt () metasploit com> Subject: Re: [framework] new exploit windows/browser/java_basicservice_impl doesn't accept win payloads? To: "Miguel Rios" <miguelrios35 () yahoo com> Cc: framework () spool metasploit com Date: Monday, November 22, 2010, 9:03 PM It might be possible to modify the exploit to use some other method of launching the jnlp file, but the current method of redirecting is blocked by default IE7 and 8 when inside an iframe. Since browser_autopwn uses iframes for each exploit this issue makes the exploit largely useless in that context, so I have removed it from browser_autopwn. I've also switched the order of targets so now Windows should be the default. If you want to use a Java payload, set TARGET 1. Hope this helped, egypt On Mon, Nov 22, 2010 at 10:58 AM, Miguel Rios <miguelrios35 () yahoo com<http://mc/compose?to=miguelrios35 () yahoo com>> wrote:Hi, I've been messing around with the new exploit mentioned above. However,although when I open the ruby file I can see the option to use windows as well as java payloads, the exploit fails when it attempts to use a windows payload. I even tried with browser_autopwn and it also picks a windows payload by default, although it fails.I get this message: [*] [2010.11.22-17:49:54] Starting exploitwindows/browser/java_basicservice_impl with payload windows/meterpreter/reverse_tcp[-] [2010.11.22-17:49:54] Exploit failed: windows/meterpreter/reverse_tcpis not a compatible payload.[-] [2010.11.22-17:49:54] Failed to start exploit modulewindows/browser/java_basicservice_implIs this a bug? Also, while I'm at it, why can't we have these browserexploits write to an html file instead of serving the html on the fly? Writing to a file would allow for greater stealthiness and other goodies (like iframes), but it may not be feasible. Just an idea I thought I'd throw out.Thanks _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- new exploit windows/browser/java_basicservice_impl doesn't accept win payloads? Miguel Rios (Nov 22)
- Re: new exploit windows/browser/java_basicservice_impl doesn't accept win payloads? egypt (Nov 22)
- Re: new exploit windows/browser/java_basicservice_impl doesn't accept win payloads? egypt (Nov 22)
- Re: new exploit windows/browser/java_basicservice_impl doesn't accept win payloads? Jeffs (Nov 22)
- Re: new exploit windows/browser/java_basicservice_impl doesn't accept win payloads? Miguel Rios (Nov 23)
- Re: new exploit windows/browser/java_basicservice_impl doesn't accept win payloads? Miguel Rios (Nov 26)
- Re: new exploit windows/browser/java_basicservice_impl doesn't accept win payloads? Eric (Nov 26)
- Re: new exploit windows/browser/java_basicservice_impl doesn't accept win payloads? egypt (Nov 26)