Metasploit mailing list archives
Re: framework Digest, Vol 62, Issue 4
From: rashed saed <saed.rak () gmail com>
Date: Tue, 19 Mar 2013 00:07:03 +0400
On ١٨/٠٣/٢٠١٣ ١:٠٠ ص, <framework-request () spool metasploit com> wrote:
Send framework mailing list submissions to framework () spool metasploit com To subscribe or unsubscribe via the World Wide Web, visit https://mail.metasploit.com/mailman/listinfo/framework or, via email, send a message with subject or body 'help' to framework-request () spool metasploit com You can reach the person managing the list at framework-owner () spool metasploit com When replying, please edit your Subject line so it is more specific than "Re: Contents of framework digest..." Today's Topics: 1. Meterpreter not exiting (Brian Seel) 2. Re: Meterpreter not exiting (Carlos Perez) 3. Re: Meterpreter not exiting (egypt () metasploit com) 4. 10 years of Hackers to Hackers Conference - Call for Papers (Rodrigo Rubira Branco (BSDaemon)) ---------------------------------------------------------------------- Message: 1 Date: Sat, 16 Mar 2013 16:13:03 -0400 From: Brian Seel <brian.seel () gmail com> To: framework () spool metasploit com Subject: [framework] Meterpreter not exiting Message-ID: <CADch=7k=xwdPQKYEX-K7X2NAmUp7QmCrpHGCTJsB68D= dneaVA () mail gmail com> Content-Type: text/plain; charset="iso-8859-1" I have been doing some testing with Meterpreter recently (building an extension), and I noticed that I ended up with a bunch of running meterpreter payloads in the process list. I checked if I had any open sessions, and I did not. I had been closing my sessions with the exit command, so I looked at the code for that in the source/client. That simply calls exit(0)... which seems like it would just exit the client of meterpreter, but not the meterpreter server running remotely (which is what I am seeing). First off, am I doing something wrong? Second, is this behavior by design? -------------- next part -------------- An HTML attachment was scrubbed... URL: < http://mail.metasploit.com/pipermail/framework/attachments/20130316/5851c4ff/attachment-0001.html------------------------------ Message: 2 Date: Sat, 16 Mar 2013 16:34:50 -0400 From: Carlos Perez <carlos_perez () darkoperator com> To: Brian Seel <brian.seel () gmail com> Cc: "framework () spool metasploit com" <framework () spool metasploit com> Subject: Re: [framework] Meterpreter not exiting Message-ID: <F51FD478-2A46-4DCF-8CD0-42E4B0BA1568 () darkoperator com> Content-Type: text/plain; charset=us-ascii That is to be expected, have you tried changing in the exitfunc option? Sent from my iPhone On Mar 16, 2013, at 4:13 PM, Brian Seel <brian.seel () gmail com> wrote:I have been doing some testing with Meterpreter recently (building anextension), and I noticed that I ended up with a bunch of running meterpreter payloads in the process list. I checked if I had any open sessions, and I did not. I had been closing my sessions with the exit command, so I looked at the code for that in the source/client. That simply calls exit(0)... which seems like it would just exit the client of meterpreter, but not the meterpreter server running remotely (which is what I am seeing).First off, am I doing something wrong? Second, is this behavior bydesign?_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework------------------------------ Message: 3 Date: Sat, 16 Mar 2013 15:44:16 -0500 From: egypt () metasploit com To: framework () spool metasploit com Subject: Re: [framework] Meterpreter not exiting Message-ID: < CAOn7DB+ZUuugM0i1nCqZYoRZb5yKUebOxysB1TtAkaky28oO7g () mail gmail com> Content-Type: text/plain; charset="iso-8859-1" Reply fail. Also autocorrect fail. The C client is old and UNmaintained. ---------- Forwarded message ---------- From: <egypt () metasploit com> Date: Mar 16, 2013 3:36 PM Subject: Re: [framework] Meterpreter not exiting To: "Brian Seel" <brian.seel () gmail com> Cc: Are you looking the C client? That code is old and maintained. What msfconsole uses to talk to meterpreter is the ruby implementation in lib/rex/post/. I've noticed posix meterpreter hanging around after exit, but I haven't dug into why yet. What platform are you seeing this on? egypt On Mar 16, 2013 3:13 PM, "Brian Seel" <brian.seel () gmail com> wrote:I have been doing some testing with Meterpreter recently (building an extension), and I noticed that I ended up with a bunch of running meterpreter payloads in the process list. I checked if I had any open sessions, and I did not. I had been closing my sessions with the exit command, so I looked at the code for that in the source/client. Thatsimplycalls exit(0)... which seems like it would just exit the client of meterpreter, but not the meterpreter server running remotely (which iswhatI am seeing). First off, am I doing something wrong? Second, is this behavior bydesign?_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework-------------- next part -------------- An HTML attachment was scrubbed... URL: < http://mail.metasploit.com/pipermail/framework/attachments/20130316/dbf348f8/attachment-0001.html------------------------------ Message: 4 Date: Sat, 16 Mar 2013 14:24:26 -0700 From: "Rodrigo Rubira Branco (BSDaemon)" <rodrigo () kernelhacking com> To: framework () spool metasploit com Subject: [framework] 10 years of Hackers to Hackers Conference - Call for Papers Message-ID: <5144E30A.8090306 () kernelhacking com> Content-Type: text/plain; charset=ISO-8859-1 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CALL FOR PAPERS - Hackers 2 Hackers Conference 10th edition The call for papers for H2HC 10th edition is now open. H2HC is a hacker conference taking place in Sao Paulo, Brazil, from 03 to 08 of October 2013. [ - Introduction - ] For the tenth consecutive year and past success we have been having, the annual Hackers 2 Hackers Conference will be held again in Sao Paulo, from 03 to 08 of October 2013 and aims to get together industry, government, academia and underground hackers to share knowledge and leading-edge ideas about information security and everything related to it. H2HC will feature national and international speakers and attendees with a wide range of skills. The atmosphere is favorable to present all facets of computer security subject and will be a great opportunity to network with like-minded people and enthusiasts. The conference is a dual-language conference, with ALL talks in English or simultaneously translated to English by professional linguists with experience in computer sciences translation. [ - The venue - ] H2HC 10th edition will take place at Novotel Morumbi (http://www.novotel.com/gb/hotel-0473-novotel-morumbi/index.shtml) in an auditorium with capacity for up to 600 people. Additionally, we will be helding BSides SP on October, 06 in an auditorium in the same venue with capacity for up to 200 people. [*] About Sao Paulo (taken from fiquemaisumdia.com.br) The city is the largest in Brazil and first in South America by population. Quite often Sao Paulo intimidates people because of its size, its constant pedestrian and vehicle traffic, ethnic and cultural multiplicity. Sao Paulo will surprise you whether you come here on business or for an expo, a congress or a convention, stay for at least one more day. Let yourself be seduced by the cultural diversity of this many-faceted city which vibrates, dictates fashion, is always anticipating trends, and welcomes Brazilians and foreigners from all over. And oh, do not forget to have fun in South America's wildest night life. [ - Topics - ] H2HC committee gives preference to lectures with practical demonstration. The conference staff will try to provide every equipment needed for the presentation in the case the author cannot provide them. The following topics include, but are not limited to: * Exploit development techniques * Telecom security and phone phreaking * Fuzzing and application security test * Penetration testing * Web application security * Techniques for development of secure software and systems * Hardware hacking, embedded systems and other electronic devices * Mobile devices exploitation, Symbian, P2K and bluetooth technologies * Analysis of virus, worms and all sorts of malwares * Reverse engineering * Rootkits * Security in Wi-Fi and VoIP environments * Information about smartcard and RFID security and similars * Technical approach to alternative operating systems * Denial of service attacks and/or countermeasures * Security aspects in SCADA and industrial environments and "obscure" networks * Cryptography * Lockpicking, trashing, physical security and urban exploration * Internet, privacy and Big Brother * Information warfare and industrial espionage [ - Important dates - ] Conference and trainings - H2HC Sao Paulo/Brazil October 03rd and 04th: H2HC trainings 1 October 05th and 06th: H2HC 10th edition October 07th and 08th: H2HC trainings 2 Deadline and submissions Deadline for proposal submissions: June 17 2013 Deadline for slides submissions: August 17 2013 Notification of acceptance or rejection: no later than July 10 2013 * E-mail for proposal submissions: coordenacao *noSPAM* h2hc *dot* com *dot* br Make sure to provide along with your submission the following details: * Speaker name or handle, address, e-mail, phone number and general contact information * A brief but informative description about your talk * Short biography of the presenter, including organization, company and affiliations * Estimated time-length of presentation * General topic of the speech (eg.: network security, secure programming, computer forensics, etc.) * Any other technical requirements for your lecture * Whether you need visa to enter Brazil or not Speakers will be allocated 50 minutes of presentation time, although, if needed, we can extend the presentation length if requested in advance. Preferable file format for papers and slides are both PDF and also PPT for slides. Speakers are asked to hand in slides used in their lectures. PLEASE NOTE: Bear in mind no sales pitches will be allowed. If your presentation involves advertisement of products or services please do not submit. [ - Information for speakers - ] Speakers' privileges are: * H2HC staff can guarantee and we will provide accommodation for 2 nights * For each non-resident speaker we might be able to cover travel expenses up to USD 1,000.00 * For each resident speaker we might be able to cover travel expenses * Free pass to the conference * Parties! Plenty of parties... Hope you enjoy it, otherwise you can stay in the hotel, sleep and regret!... [ - Program Committe - ] pipacs (PaX Team) spender (GRsecurity) Stefano Zanero (Politecnico di Milano) BSDaemon (Dissect || PE) [ - Other information - ] For further information please check out our web site http://www.h2hc.com.br/ it will be updated with everything regarding the conference. -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlFE4woACgkQRpuC3B/O3qE64wCfd3VM2ALUky4hXOAw8iFh1tMZ MzsAmwTJKoGBh4WbZZ+ZMtSANOYM+25T =RZt+ -----END PGP SIGNATURE----- ------------------------------ _______________________________________________ framework mailing list framework () spool metasploit com https://mail.metasploit.com/mailman/listinfo/framework End of framework Digest, Vol 62, Issue 4 ****************************************
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Re: framework Digest, Vol 62, Issue 4 rashed saed (Mar 18)