Fwd: Gonzor / Themiddler / PEScrambler

[NSweaney at tulsacash.com (Nathan Sweaney)]

if I remember correctly, the Gonzor payload was basically just a
well-written batch file that called several utilities from
http://www.nirsoft.net/. 
 
so if you've already got a usable exploit just use the meterpreter &
copy the utilities over that you want to use.
 
in fact you could probably create meterpreter scripts that would do each
of the things you want more efficiently.

________________________________

From: pauldotcom-bounces at mail.pauldotcom.com
[mailto:pauldotcom-bounces at mail.pauldotcom.com] On Behalf Of Noah
Sent: Wednesday, December 17, 2008 5:35 PM
To: 'PaulDotCom Security Weekly Mailing List'
Subject: Re: [Pauldotcom] Fwd: Gonzor / Themiddler / PEScrambler



Hi, 

 

While we're still talking about the Gonzor payload, has anyone had any
luck with - or seen something similar to Gonzor for metasploit? The
saved password dumping that the Gonzor payload does would be
exceptionally handy in a pentest as a metasploit payload. 

 

- Noah

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20081217/bd64399e/attachment.htm