[framework] Metasploit vs ANI
H D Moore
hdm at metasploit.com
Mon Apr 2 08:03:02 CDT 2007
That response is the HTML, it references the real ANI files in the
obfuscated style sheet data (look for the line ending in XXX=[1-6]. If
you request /$prefix/anything.wav?targ=1 (replaced $prefix with whatever
URIPATH is set to), it should serve up a valid ANI file exploit.
-HD
On Monday 02 April 2007 03:58, Nicolas RUFF wrote:
> I cannot even see the "anih" header. The page might be GZIP'ed even if
> default options are set to turn off all evasion techniques. What do you
> think ?
More information about the framework
mailing list