Awesomeness... thanks! On Fri, Nov 7, 2008 at 3:19 PM, MC <[EMAIL PROTECTED]> wrote:
> Bryan, > > This following link has an example of uploading via a meterpreter script: > > http://www.metasploit.com/users/mc/rand/CVE_2007_0161.rb > > hope it helps. > > On Fri, 7 Nov 2008, Bryan Richardson wrote: > > > Good Morning HD, > > > > Thanks for the suggestions. Any chance you can point me to some sample > > Meterpreter script code that uploads files to the exploited machine? > > > > -- > > Thanks! > > Bryan > > > > On Thu, Nov 6, 2008 at 8:19 PM, H D Moore <[EMAIL PROTECTED]> wrote: > > > > > On Thursday 06 November 2008, Bryan Richardson wrote: > > > > I'm wanting to write a Meterpreter script that can sniff traffic from > > > > an exploited Windows host. I *think* there is some built-in pcap > > > > functionality already in the Metasploit framework... is this correct? > > > > If so, can it be used in a script that can be ran from Meterpreter? > > > > > > The Pcap stuff in Metasploit only works on the attacker's machine, it > > > doesnt extend through any of the payloads. The easiest way to > accomplish > > > your goal is to write a Win32 sniffer as a Meterpreter extension and > > > implement a command protocol for start, stopping, and gathering data > from > > > this extension. Alternatively, just write a meterpreter script that > > > uploads an existing sniffer, execute it "channelized", and parse the > > > output to find what you are looking for. > > > > > > > Also, before I do this... does there happen to be a payload that > > > > already exists that can do this for me (or even one that does an nmap > > > > scan)? I took a little time to examine all the payloads that already > > > > exist, but none really jumped out at me as being able to do this sort > > > > of thing. > > > > > > None of the existing payloads can do this. > > > > > > -HD > > > > > > _______________________________________________ > > > Framework-Hackers mailing list > > > Framework-Hackers@spool.metasploit.com > > > http://spool.metasploit.com/mailman/listinfo/framework-hackers > > > > > > > -- > ~ mc > >
_______________________________________________ Framework-Hackers mailing list Framework-Hackers@spool.metasploit.com http://spool.metasploit.com/mailman/listinfo/framework-hackers
