[framework] console with arguments
Jerome Athias
jerome.athias at free.fr
Fri May 4 15:55:19 CDT 2007
Yep just seen this after restarting msfweb and going directly to the
supplied URL ^_^
(exploit was launched before to test it)
btw, it's a way... ;-)
Cheers
/JA
H D Moore a écrit :
> Only works if no consoles have been allocated so far. I get the point, we
> should fix our XSS bugs :-)
>
> Is the intention to automatically launch an exploit, or automatically
> launch it and then interact with the console?
>
> -HD
>
> On Friday 04 May 2007 15:37, Jerome Athias wrote:
>
>> Quite tricky but it does the job:
>> http://127.0.0.1:55555/exploits/config?refname=windows:http:navicopa_ge
>> t_overflow&payload=16&step=config&target=0&eopt_RHOST=127.0.0.1&eopt_RPO
>> RT=80&popt_CMD=calc.exe&eopt_CHOST="><script>window.location="http://127
>> .0.0.1:55555/console/index/0";</script>
More information about the framework
mailing list