Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Meterpreter + SSL

From: jabra at spl0it.org (Jabra)
Date: Fri, 26 Jun 2009 19:36:01 -0400
HDM FTW!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

On 26.Jun.2009 06:24PM -0500, HD Moore wrote:

The meterpreter payload in the SVN trunk (3.3-dev) now uses SSL by default. 
Any staging activities (including the upload of metsrv.dll) will still be 
in cleartext, but all meterpreter communications are now protected by SSL 
automatically. This SSL mode does NO verification, so its still possible 
for someone to MITM the session, but this buys some privacy-by-default.

-HD
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


-- 
Jabra < jabra at spl0it.org >
http://www.spl0it.org
Previous By Date Next
Previous By Thread Next

Current thread: