[framework] Metasploit vs Core Impact "Set as Source" Option
Danux
danuxx at gmail.com
Mon Sep 17 17:03:06 CDT 2007
Excellent, and let me tell you that is the same as how Core Impact works!!!!!!
Thanks in advance
On 9/14/07, cg <lists at carnal0wnage.com> wrote:
> I don't have Core Impact so i'm not real familiar with the command you
> listed but i did a couple of blog posts on using the route command in
> msfconsole to route through a meterpreter session.
>
> the short of it is:
>
> route add IP SUBNET SESSION#
> ex. msf exploit(ms06_040_netapi) > route add 172.16.0.0 255.255.0.0 1
>
> i'll throw the caveat that i did it all in VMware so there may be some
> VMware trickery going on, but i think it works as described. the good
> (??) thing about security is that if i am wrong, i'm sure i'll have
> about 10 emails letting me know within the hour :-)
>
> here are the posts:
>
> http://carnal0wnage.blogspot.com/2007/09/using-metasploit-to-pivot-through.html
> http://carnal0wnage.blogspot.com/2007/09/using-metasploit-to-pivot-through_06.html
>
> hope that helps.
>
> -CG
>
>
>
> On Fri, 2007-09-14 at 13:32 -0500, Danux wrote:
> > Ok, thanks in Advance for my last question,
> >
> > I have another question, i know that through meterpreter we can use
> > its modules in order to redirect a port from the victim machine to
> > another one in the LAN, but is there something like the "Set as
> > Source" options used in Core Impact? so that we can compromise another
> > network segment?
> >
> > if so? do you have an example?
> >
> > On 9/14/07, H D Moore <hdm at metasploit.com> wrote:
> > > These are two different things. To use the MSN exploit, you need to force
> > > MSN to load this exploit DLL into memory. This is normally done by a
> > > sequence of open process, alloc mem, start thread, loadlibrary calls to
> > > the target process. The metasploit DLL injection payloads work by
> > > exploiting a target process and then loading a DLL into memory. In this
> > > case, you want to load a DLL on the attacking side, to exploit a
> > > different host.
> > >
> > > On Friday 14 September 2007 12:23, Danux wrote:
> > > > They say i need to: "inject the dll to msn messenger .... process.
> > > >
> > > > I know metasploit already works that way but i would like to learn how
> > > > to do it manually.
> > > >
> > > > I have no skill about DLL programming nor injection, do you have a
> > > > tutorial or something like that to understand it?
> > >
> >
> >
>
>
--
Danux, CISSP
Chief Information Security Officer
Macula Security Consulting Group
www.macula-group.com