I've found in labbing this kind of thing that having Wireshark open while your 
listener is running can be super helpful; that way you can see if you're 
getting RSTs back, SYN timeouts, etc.

From: [email protected] On Behalf Of Crest Johanson
Sent: Monday, January 10, 2011 12:48 AM
To: PaulDotCom Security Weekly Mailing List
Subject: Re: [Pauldotcom] metasploit gurus

I tried that already. The reverse connection doesn't make it to the attacker 
server.

________________________________
From: Bill Swearingen <[email protected]>
To: PaulDotCom Security Weekly Mailing List <[email protected]>
Sent: Mon, January 10, 2011 4:34:03 AM
Subject: Re: [Pauldotcom] metasploit gurus

Don't use autopwn, try a reverse meterpreter shell on a port that is likely to 
bypass the proxy & get out (443, 22, 80, etc.)

On Sun, Jan 9, 2011 at 1:10 PM, Crest Johanson <[email protected]> wrote:
Hello all,

I'm studying attack vectors against the company I work for. Some Metasploit 
attacks work; however, the proxy doesn't let the reverse connection through. I 
tried to set the listening port to a port that the proxy allows connections to, 
but it seems like the payload doesn't initiate the connection through the proxy.
Is there a way to point the payload to the proxy and from the proxy to the 
attacker server?

For browser autopwn, the framework sets listeners on ports 3333, 4444, 6666, 7777 
for different exploits. Is there a way to change these ports (maybe from 
source)?

Thanks,


_______________________________________________
Pauldotcom mailing list
[email protected]
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com