[framework] Internet Explorer createTextRange() Code Execution
H D Moore
hdm at metasploit.com
Tue Apr 3 10:14:55 CDT 2007
All of the browser exploits work the same way -- you run the exploit, the
exploit creates a listening web server and a URL handler. To get code
execution, you need to send vulnerable clients to your web server. How
you do this depends on the situation, but the easiest way is to just
email or instant message the link to the victims.
-HD
On Tuesday 03 April 2007 09:56, Rory Garton Smith wrote:
> Greetings Mailing List
>
> Small hold up while running an exploit today. I was testing out
> "Internet Explorer createTextRange() Code Execution" (aka:
> windows/browser/ms06_013_createtextrange) on my Windows XP box in the
> other room. Using the windows/shell_reverse_tcp payload. I set up all
> of the information, and then launched the exploit, and this is what the
> terminal
>
> read:
> >> exploit
>
> [*] Started reverse handle
> [*] Using URL: http://10.1.1.5:49160/jC28sNY
> [*] Server started.
> [*] Exploit running as background job.
>
> msf exploit(ms06_013_createtextrange) >
>
> Is this what is supposed to occur? Because after this point, I waited
> for a great deal of time, just, nothing happened.
> I'm probably missing some huge important step here, any help = greatly
> appreciated.
>
> Erez
More information about the framework
mailing list