Metasploit mailing list archives

unable to reproduce WMF exploit


From: exceed at email.si (/dev/null)
Date: Tue, 10 Jan 2006 21:43:13 +0100

On Tue, 10 Jan 2006 at 16:03:54, H D Moore wrote:

> The win32_exec payload runs with the window hidden by default, try this:
> - set CMD "cmd.exe /c calc.exe"

Yep, that was the catch :)
I have tried the string above and it worked just fine. I also tried the 
following: 

- set CMD "cmd.exe /c cmd.exe"

but that didn't work. Anyway, setting the string to "cmd.exe /c start cmd.exe" 
executed just fine.

Thanks to everybody for your kind help.

E.
