Home page logo

metasploit logo Metasploit mailing list archives

ms10_xxx_helpctr_xss_cmd_exec obfuscation
From: One Time <onetime99 () ymail com>
Date: Fri, 18 Jun 2010 14:21:51 +0000 (GMT)

"ms10_xxx_helpctr_xss_cmd_exec" is working without any problem but I can't figure out how to properly obfuscate the 
HTML/Javascript code generated by metasploit for the exploitation.
I tried to set the the various HTML::javascript::escape, HTML::base64 ecc variables but when I launch the "exploit" 
command metasploit always generate a perfectly readable HTML page and my test AV (AVG free) is flagging and blocking it 
as an exploit.
Can someone point me in the right direction? Is it possible to obfuscate the payload and the HTML page in some way 
using only metasploit framework tools/options?

Thank you for your support and your hard work.


  By Date           By Thread  

Current thread:
  • ms10_xxx_helpctr_xss_cmd_exec obfuscation One Time (Jun 18)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]