[framework] Internet Explorer createTextRange() Code Execution
Michael Wood
michael.wood at uct.ac.za
Tue Apr 3 10:17:41 CDT 2007
On Tue, Apr 03, 2007 at 10:56:23PM +0800, Rory Garton Smith wrote:
> Greetings Mailing List
>
> Small hold up while running an exploit today. I was testing out "Internet
> Explorer createTextRange() Code Execution" (aka:
> windows/browser/ms06_013_createtextrange) on my Windows XP box in the other
> room. Using the windows/shell_reverse_tcp payload. I set up all of the
> information, and then launched the exploit, and this is what the terminal
> read:
>
> >>exploit
> [*] Started reverse handle
> [*] Using URL: http://10.1.1.5:49160/jC28sNY
> [*] Server started.
> [*] Exploit running as background job.
>
> msf exploit(ms06_013_createtextrange) >
>
> Is this what is supposed to occur? Because after this point, I waited for a
> great deal of time, just, nothing happened.
> I'm probably missing some huge important step here, any help = greatly
> appreciated.
Go to the machine you want to exploit, start up Internet
Explorer and type in: http://10.1.1.5:49160/jC28sNY
Then go back to where you're running msf and see what has
happened.
--
Michael Wood <michael.wood at uct.ac.za>
More information about the framework
mailing list