[framework] Metasploit vs Core Impact "Set as Source" Option

cg lists at carnal0wnage.com
Fri Sep 14 18:47:29 CDT 2007


I don't have Core Impact so i'm not real familiar with the command you
listed but i did a couple of blog posts on using the route command in
msfconsole to route through a meterpreter session.

the short of it is:

route add IP SUBNET SESSION#
ex.  msf exploit(ms06_040_netapi) > route add 172.16.0.0 255.255.0.0 1

i'll throw the caveat that i did it all in VMware so there may be some
VMware trickery going on, but i think it works as described.  the good
(??) thing about security is that if i am wrong, i'm sure i'll have
about 10 emails letting me know within the hour :-)

here are the posts:

http://carnal0wnage.blogspot.com/2007/09/using-metasploit-to-pivot-through.html
http://carnal0wnage.blogspot.com/2007/09/using-metasploit-to-pivot-through_06.html

hope that helps.

-CG



On Fri, 2007-09-14 at 13:32 -0500, Danux wrote:
> Ok, thanks in Advance for my last question,
> 
> I have another question, i know that through meterpreter we can use
> its modules in order to redirect a port from the victim machine to
> another one in the LAN, but is there something like the "Set as
> Source" options used in Core Impact? so that we can compromise another
> network segment?
> 
> if so? do you have an example?
> 
> On 9/14/07, H D Moore <hdm at metasploit.com> wrote:
> > These are two different things. To use the MSN exploit, you need to force
> > MSN to load this exploit DLL into memory. This is normally done by a
> > sequence of open process, alloc mem, start thread, loadlibrary calls to
> > the target process. The metasploit DLL injection payloads work by
> > exploiting a target process and then loading a DLL into memory. In this
> > case, you want to load a DLL on the attacking side, to exploit a
> > different host.
> >
> > On Friday 14 September 2007 12:23, Danux wrote:
> > > They say i need to: "inject the dll to msn messenger .... process.
> > >
> > > I know metasploit already works that way but i would like to learn how
> > > to do it manually.
> > >
> > > I have no skill about DLL programming nor injection, do you have a
> > > tutorial or something like that to understand it?
> >
> 
> 



