Metasploit mailing list archives
Framework Digest, Vol 21, Issue 12
From: moshe at injection.co.il (Moshe Ben Simon)
Date: Tue, 13 Oct 2009 08:34:00 +0200
Try it on linux . The windows dev version have problem creating this kind of attack. Moshe -----Original Message----- From: framework-bounces at spool.metasploit.com [mailto:framework-bounces at spool.metasploit.com] On Behalf Of framework-request at spool.metasploit.com Sent: Monday, October 12, 2009 9:00 PM To: framework at spool.metasploit.com Subject: Framework Digest, Vol 21, Issue 12 Send Framework mailing list submissions to framework at spool.metasploit.com To subscribe or unsubscribe via the World Wide Web, visit https://mail.metasploit.com/mailman/listinfo/framework or, via email, send a message with subject or body 'help' to framework-request at spool.metasploit.com You can reach the person managing the list at framework-owner at spool.metasploit.com When replying, please edit your Subject line so it is more specific than "Re: Contents of Framework digest..." Today's Topics: 1. adobe_pdf_embedded_exe working? msf 3.3 dev windows (thesels1 at hushmail.me) ---------------------------------------------------------------------- Message: 1 Date: Sun, 11 Oct 2009 19:06:29 -0700 From: thesels1 at hushmail.me To: framework at spool.metasploit.com Subject: [framework] adobe_pdf_embedded_exe working? msf 3.3 dev windows Message-ID: <20091012020629.AF57C11803D at smtp.hushmail.com> Content-Type: text/plain; charset="UTF-8" -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 hi, no evil.pdf is created in c:\pentest\data\. using msf 3.3 dev/win. msf exploit(adobe_pdf_embedded_exe) > show options Module options: Name Current Setting Required Description ---- --------------- -------- ----------- EXENAME c:/pentest/calc.exe no The Name of payload exe. FILENAME evil.pdf no The output filename. INFILENAME c:/pentest/1.pdf no The Input PDF filename. OUTPUTPATH c:/pentest/data/ no The location to output the file. Payload options (windows/meterpreter/bind_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- EXITFUNC thread yes Exit technique: seh, thread, process LPORT 4444 yes The local port RHOST no The target address Exploit target: Id Name -- ---- 0 Adobe Reader v8.x, v9.x (Windows XP SP3 English) [*] Started bind handler [*] Reading in 'c:/pentest/1.pdf'... [*] Parseing 'c:/pentest/1.pdf'... [*] Parseing Successfull. [*] Using 'c:/pentest/calc.exe' as payload... [-] Exploit failed: key not found [*] Exploit completed, but no session was created. cheers, sels1 -----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAkrSjyUACgkQhx5k37N4+4D17AP/TS9TrYcj1q17to7EOA5z1+GYFtE3 1BBswhoxVtUE2UwGBNFvu57oVzGY/7rhfoY0A3h3Y5e1Ek3bthDkqewIH+SNReIe9+tc 2Oj3z9xB4neupTA5MHu+EsYyDK0lPCvEcn+AwO0FSaIWUNYbkVf8MhTHGeAeS0fQkSUD 9N5WqFc= =5+ec -----END PGP SIGNATURE----- ------------------------------ _______________________________________________ Framework mailing list Framework at spool.metasploit.com https://mail.metasploit.com/mailman/listinfo/framework End of Framework Digest, Vol 21, Issue 12 *****************************************
Current thread:
- Framework Digest, Vol 21, Issue 12 Moshe Ben Simon (Oct 12)