Metasploit mailing list archives
Re: java_signed_applet questino
From: egypt () metasploit com
Date: Wed, 24 Mar 2010 10:41:11 -0600
Those are mostly general options that apply to all exploits.

EnableContextEncoding and ContextInformationFile refer to the technique described here: http://www.uninformed.org/?v=9&a=3&t=txt . Quoting HDM from a previous question about the subject: ``Basically you can use a "shared secret" (existing memory) to encode the shellcode so that even with full network captures it is impossible to decrypt without knowing what memory was used.''

DisablePayloadHandler just means that we don't try to catch the shell that the payload executes. It's there so you can run a single exploit/multi/handler instance to catch lots of shells on the same port from different exploits.

WORKSPACE is a way to segment the database for dealing with multiple engagements. See the db_workspace command.

SAVETOFILE is the only option here directly related to java_signed_applet. It causes the module to save your payload as a file instead of running as a webserver and giving it to connecting clients.

Hope this helped,
egypt

On Wed, Mar 24, 2010 at 10:24 AM, Jeffs <jeffs () speakeasy net> wrote:
In the java_signed_applet module here are some settings that can be played with:

ContextInformationFile    The information file that contains context information
DisablePayloadHandler     Disable the handler code for the selected payload
EnableContextEncoding     Use transient context when encoding payloads
SAVETOFILE                When set, source is saved to this directory under external/source/
WORKSPACE                 Specify the workspace for this module

ContextInformationFile: Is this a file that contains text/html that can be displayed on the page?

DisablePayloadHandler: does that mean to not execute the payload?

EnableContextEncoding: what encoding can be used?

What is SaveToFile?

What is Workspace?

Any help much appreciated.

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework