[framework] Problem with Apache Win32 Chunked Encoding
Patrick Webster
patrick at aushack.com
Thu Nov 1 18:37:30 CDT 2007
>
> >Use a different PAYLOAD like windows/shell/bind_tcp instead.
>
Yeah if you have access to the server you might see calc.exe running in
memory as the Apache user though.. (or see it on the desktop if the service
is permitted to interact with the desktop)..
As grutz wrote, use a reverse shell instead (that way even if the shellcode
breaks, you will see the stager connect back to confirm).
Oh and generally the VHOST is the virtual host name, so for example, if you
were targeting metasploit.com:
$ nslookup
>www.metasploit.com
Non-authoritative answer:
Name: www.metasploit.com
Address: 216.75.15.231
you would:
set RHOST 216.75.15.231
set VHOST www.metasploit.com
(sorry didn't know who else to pick on ;-) .. wasn't there an RFC for
victim.com somewhere?)
-Patrick