mailing list archives
Re: PassiveX is dead?
From: HD Moore <hdm () metasploit com>
Date: Mon, 20 Jun 2011 10:34:52 -0500
On 6/20/2011 10:00 AM, Richard Miles wrote:
Hey HD Moore
I see. But reverse_https is not able to reuse the same connection from
IE, right? Sor for example, if the IE browser uses a proxy and the
proxy require authentication (integrated on the DC) it will fail,
The first stage of reverse_https uses the same information that IE does
to make the connection (through the use of WinInet). The second stage
does not and this is where work needs to be done.