Home page logo
/

metasploit logo Metasploit mailing list archives

Re: Framework Digest, Vol 27, Issue 12
From: Eric Dorman <dorman185 () gmail com>
Date: Sun, 11 Apr 2010 15:50:43 -0400

Hey guys,

I was wondering if you can create a tool in Metasploit without any Ruby code
and just write it in the typical DOS type? I doubt it will work though cause
I know the underlying part is Ruby.

How do you go about creating a tool in Metasploit if you're not a programmer
and just like making tools for protection?

Thanks & God Bless,
Eric

On Sun, Apr 11, 2010 at 3:00 PM, <framework-request () spool metasploit com>wrote:

Send Framework mailing list submissions to
       framework () spool metasploit com

To subscribe or unsubscribe via the World Wide Web, visit
       https://mail.metasploit.com/mailman/listinfo/framework
or, via email, send a message with subject or body 'help' to
       framework-request () spool metasploit com

You can reach the person managing the list at
       framework-owner () spool metasploit com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of Framework digest..."


Today's Topics:

  1. adding msfencoded msfpayload to existing PDF (macubergeek)
  2. Re: adding msfencoded msfpayload to existing PDF (David Kennedy)
  3. error (Craig Freyman)
  4. Re: error (Craig Freyman)


----------------------------------------------------------------------

Message: 1
Date: Sat, 10 Apr 2010 15:04:29 -0400
From: macubergeek <macubergeek () comcast net>
To: framework metasploit <framework () spool metasploit com>
Subject: [framework] adding msfencoded msfpayload to existing PDF
Message-ID: <E44F6ADF-9E13-41B3-8BEC-1BF8797055F8 () comcast net>
Content-Type: text/plain; charset=us-ascii

CarnalOwnage had an interesting article about using msfencode to add an
msfpayload into an exisiting executable.
Is there a way to do the same but into a pdf file instead?
I've looked at the Social Engineering Toolkit but it seems to create a
trojaned blank pdf, not what I want.

Jim

~~~~~~~~~~~~~~~~~~~~~~
ACK and you shall receive



------------------------------

Message: 2
Date: Sat, 10 Apr 2010 15:09:27 -0400
From: David Kennedy <kennedyd013 () gmail com>
To: macubergeek <macubergeek () comcast net>
Cc: framework metasploit <framework () spool metasploit com>
Subject: Re: [framework] adding msfencoded msfpayload to existing PDF
Message-ID:
       <w2tb45cc0bf1004101209raf95347ct43293581cf6e58e () mail gmail com>
Content-Type: text/plain; charset="iso-8859-1"

Jim,

In SET you can replace the PDF in src/msf_attacks/form.pdf

Or you can just use Metasploit to create one:

exploit/windows/fileformat/adobe_pdf_embedded_exe

Hope that helps




On Sat, Apr 10, 2010 at 3:04 PM, macubergeek <macubergeek () comcast net
wrote:

CarnalOwnage had an interesting article about using msfencode to add an
msfpayload into an exisiting executable.
Is there a way to do the same but into a pdf file instead?
I've looked at the Social Engineering Toolkit but it seems to create a
trojaned blank pdf, not what I want.

Jim

~~~~~~~~~~~~~~~~~~~~~~
ACK and you shall receive

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <
http://mail.metasploit.com/pipermail/framework/attachments/20100410/e9404afb/attachment-0001.html


------------------------------

Message: 3
Date: Sat, 10 Apr 2010 21:39:28 -0600
From: Craig Freyman <craigfreyman () gmail com>
To: framework <framework () spool metasploit com>
Subject: [framework] error
Message-ID:
       <i2hcf582fdb1004102039h687260e2teb7815bec9a8d139 () mail gmail com>
Content-Type: text/plain; charset="iso-8859-1"

When using the adobe_pdf_embedded_exe exploit I get:

msf exploit(adobe_pdf_embedded_exe) > exploit

[*] Started reverse handler on 10.0.1.7:4444
[*] Reading in '/root/receipt.pdf'...
[*] Parsing '/root/receipt.pdf'...
[-] Exploit failed: undefined method `[]' for nil:NilClass
[*] Exploit completed, but no session was created.

Any ideas? I'm running v9046

Thanks,
Craig
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <
http://mail.metasploit.com/pipermail/framework/attachments/20100410/7673dc42/attachment-0001.html


------------------------------

Message: 4
Date: Sun, 11 Apr 2010 08:23:23 -0600
From: Craig Freyman <craigfreyman () gmail com>
To: framework <framework () spool metasploit com>
Subject: Re: [framework] error
Message-ID:
       <v2xcf582fdb1004110723tcdc74c68gc2ae3e06010cebf6 () mail gmail com>
Content-Type: text/plain; charset="iso-8859-1"

Disregard. It was only throwing this error on a specific PDF that I was
using as the input file.

On Sat, Apr 10, 2010 at 9:39 PM, Craig Freyman <craigfreyman () gmail com
wrote:

When using the adobe_pdf_embedded_exe exploit I get:

msf exploit(adobe_pdf_embedded_exe) > exploit

[*] Started reverse handler on 10.0.1.7:4444
[*] Reading in '/root/receipt.pdf'...
[*] Parsing '/root/receipt.pdf'...
[-] Exploit failed: undefined method `[]' for nil:NilClass
[*] Exploit completed, but no session was created.

Any ideas? I'm running v9046

Thanks,
Craig


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <
http://mail.metasploit.com/pipermail/framework/attachments/20100411/38dfcda6/attachment-0001.html


------------------------------

_______________________________________________
Framework mailing list
Framework () spool metasploit com
https://mail.metasploit.com/mailman/listinfo/framework


End of Framework Digest, Vol 27, Issue 12
*****************************************




-- 
Think Like A Hacker, And You Will Stop Them In Their Tracks -Hacking 6
Exposed.

Friends Don't Let Friends Use IE6

Mozilla Volunteer Developer
http://www.firefox.com/
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault