So, in the spirit of Natron's response below, can someone explain to me how it's possible to run Ruby scripts within the Meterpreter console? From what Natron's said, I assume these scripts are actually ran client side using information passed to the client from the exploited host via the Meterpreter control protocol... correct?
On Mon, Feb 16, 2009 at 1:56 PM, Bryan Richardson <btri...@gmail.com> wrote: > I see. :( > > > On Mon, Feb 16, 2009 at 1:45 PM, natron <nat...@invisibledenizen.org>wrote: > >> You have to push down whatever code you want to use, so in this case, >> that would mean pushing down an entire ruby interpreter, >> self-contained. That's probably not feasible. :) >> >> 2009/2/16 Bryan Richardson <btri...@gmail.com>: >> > Hey HD, >> > >> > Thanks for the update. I'll be interested to see how they respond. :) >> > >> > Along these lines, I had asked a question in a previous email about the >> > availability of Ruby's pcap libraries on compromised machines, and you >> > responded with the following: >> > >> > The Pcap stuff in Metasploit only works on the attacker's machine, it >> > doesnt extend through any of the payloads. >> > >> > Incidentally, what would it take to extend the Ruby pcap stuff in >> Metasploit >> > through some of the payloads? Being able to script some remote packet >> > sniffing stuff in Ruby for use on a compromised machine would be >> friggin' >> > awesome if you ask me. However, I have no idea what it would take to >> make >> > this happen... I'm still *learning* the in's and out's of the awesome >> Ruby >> > project that is Metasploit. >> > >> > -- >> > Thanks! >> > Bryan >> > >> > On Sun, Feb 15, 2009 at 9:09 PM, H D Moore <h...@metasploit.com> wrote: >> >> >> >> On Sun, 2009-02-15 at 18:42 -0700, Bryan Richardson wrote: >> >> > Thanks for the info. The only thing is, I'm needing access to the >> >> > sniffed traffic in real-time. For now I just plan to go the route of >> >> > piping it through netcat. :) >> >> > >> >> I sent them an email about getting a cheap/free license for a new >> >> meterpreter extension ($1999 otherwise). >> >> >> >> -HD >> >> >> > >> > >> > _______________________________________________ >> > Framework-Hackers mailing list >> > Framework-Hackers@spool.metasploit.com >> > http://spool.metasploit.com/mailman/listinfo/framework-hackers >> > >> > >> > >
_______________________________________________ Framework-Hackers mailing list Framework-Hackers@spool.metasploit.com http://spool.metasploit.com/mailman/listinfo/framework-hackers
