Metasploit mailing list archives
Re: How can I put my own dll in webdav_dll_Hijacker Exploit?
From: "Joshua J. Drake" <jdrake () metasploit com>
Date: Tue, 21 Sep 2010 11:39:55 -0500
On Tue, Sep 21, 2010 at 11:02:12PM +0800, Phrack Chen wrote:
Hi, I found that the default payload of webdav_dll_Hijacker can be detected and prevented by many AVs and IDSs. I generated my own dll which can execute a meterpreter/reverse_https payload in an exe file, the two files can bypass all AVs and IDSs I have. But I don't know how to put them in webdav_dll_Hijacker of Metasploit3 after looking up the webdav_dll_hijacker.rb. Can anyone give me a quick answer?
As of yesterday, you should be able to do: msf exploit(webdav_dll_hijacker) > set EXE::Path /path/to/your/dll EXE::Path => /path/to/your/dll Assuming your DLL contains the necessary 8192 byte payload area, which starts with the "PAYLOAD:" tag, it should work. For more information see Msf::Util::EXE.to_win32pe_dll in lib/msf/util/exe.rb Hope this helps, -- Joshua J. Drake
Attachment:
_bin
Description:
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- How can I put my own dll in webdav_dll_Hijacker Exploit? Phrack Chen (Sep 21)
- Re: How can I put my own dll in webdav_dll_Hijacker Exploit? HD Moore (Sep 21)
- Re: How can I put my own dll in webdav_dll_HijackerExploit? Phrack (Sep 23)
- Re: How can I put my own dll in webdav_dll_Hijacker Exploit? Joshua J. Drake (Sep 21)
- Re: How can I put my own dll in webdav_dll_Hijacker Exploit? HD Moore (Sep 21)