[framework] Payload Handler issues in MSF 3.0-r3
Simple Nomad
thegnome at nmrc.org
Thu Jun 29 11:33:22 CDT 2006
> However, when I watch the actual packets flying between the attacking
> console ( 192.168.213.1 ) and the target ( 192.168.213.130 ), I see that as
> soon as the 'exploit' command is issued, the bind handler immediately begins
> attempting to contact port 4444 on the target, even though the Framework
> could have gone no further than executing:
There is similar behavior on the part of 2.x, as several of the exploits
try to go ahead and contact 4444 on the target (e.g. the rras MS06-025
exploit). I assumed this was by design, either intentional or
unintentional, as 1) if the exploit had been run previously, you can go
ahead and attach, and 2) port 4444 is the new port 31337, thx mainly to
msf ;-)
I'll let the authors comment on this; I just figured it was intentional
or an unintentional but desired side effect.
-SN