[framework] Internet Explorer createTextRange() Code Execution

Donnie Werner morning_wood at frame4.com
Tue Apr 3 14:02:05 CDT 2007


> All of the browser exploits work the same way -- you run the exploit, the 
> exploit creates a listening web server and a URL handler. To get code 
> execution, you need to send vulnerable clients to your web server. How 
> you do this depends on the situation, but the easiest way is to just 
> email or instant message the link to the victims. 

I have had very good success with client-side exploits in Metasploit.
My best results come from launching the exploit and creating a local HTML
file pointing to the exploit server. Open the file via browser, right-click
the link and save as. What you have now is a standalone HTML file
with all the code in it. Simply host this file or embed it as an IFRAME,
and send your targets to your hosted file. Enjoy!

 This has worked nearly flawlessly, and there is no need to keep your
MSF open, running, or listening.

cheers,
Donnie ( M.W ) Werner
http://www.zone-h.org



