Re: HTTP Tunneling + Java Applet Proxy Auth

[HD Moore <hdm () metasploit com>]

On 7/8/2011 1:58 AM, Ty Miller wrote:
> Hey guys,
>
> I have been using the HTTP tunnelling payload with the Java applet
> exploit for social engineering.
>
> When the applet is run on the system, it attempts to connect over the
> proxy. At this point we get a Java authentication prompt from the proxy
> (since I assume the applet doesn't pick up on the integrated AD
> authentication). Once the username and password are entered, nothing
> else happens.
>
> I am assuming that the payload failed due to the authentication prompt.
>
> Any thoughts on getting around this?

Use the native Win32 meterpreter + reverse_https instead of the Java
Meterpreter, Java should be using the native proxy auth settings for its
own download though
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework