PaulDotCom mailing list archives

Re: metasploit gurus


From: Crest Johanson <shesma () ymail com>
Date: Sun, 9 Jan 2011 22:48:29 -0800 (PST)

I tried that already. The reverse connection doesn't make it to the attacker 
server.



________________________________
From: Bill Swearingen <hevnsnt () i-hacked com>
To: PaulDotCom Security Weekly Mailing List <pauldotcom () mail pauldotcom com>
Sent: Mon, January 10, 2011 4:34:03 AM
Subject: Re: [Pauldotcom] metasploit gurus

Don't use autopwn, try a reverse meterpreter shell on a port that is likely to 
bypass the proxy & get out (443, 22, 80, etc)


On Sun, Jan 9, 2011 at 1:10 PM, Crest Johanson <shesma () ymail com> wrote:

Hello all,

I'm studying attack vectors against the company I work for. Some Metasploit 
attacks work; however, the proxy doesn't let the reverse connection through. I 
tried to set the listening port to a port that the proxy allows connections to, 
but it seems like the payload doesn't initiate the connection through the 
proxy. 

Is there a way to point the payload to the proxy and from the proxy to the 
attacker server?

For browser autopwn, the framework sets listeners on ports 3333, 4444, 6666, 7777 
for different exploits. Is there a way to change these ports (maybe from 
source)? 


Thanks,


_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com




      