[framework] Windows Shellcode on Unix
tyronmiller at gmail.com
Thu Jul 17 17:24:31 PDT 2008
Do you know which exploit you want to use?
To get a decent list of exploits related to XP, open the Metasploit Web
Interface and click on "Exploits". If you then search for *Windows XP* you
will get a list of exploits that relate to Windows and contain "xp" ... just
note that "xp" will match words like "eXPloit" and "eXPlorer", so some of
the exploits won't be relevant to XP.
Click the exploit you want, and follow the instructions. Most of the
exploits for XP will be client-side exploits (e.g. for Internet Explorer), so
you may need to combine the attack with a phishing attack or DNS cache
poisoning or something to get the victim to download your exploit.
Hope that helps, else check out the "User Guide" that comes with Metasploit.
On Thu, Jul 17, 2008 at 7:27 PM, Sri Kanth <Sri_Kanth at jabil.com> wrote:
> How can I use an exploit to a Windows XP machine?
> *From:* framework-bounces at spool.metasploit.com [mailto:
> framework-bounces at spool.metasploit.com] *On Behalf Of *Ty Miller
> *Sent:* Thursday, July 17, 2008 4:40 PM
> *To:* Patrick Webster; hdm at metasploit.com
> *Cc:* framework at spool.metasploit.com
> *Subject:* Re: [framework] Windows Shellcode on Unix
> Hi Guys,
> Thanks heaps for the responses.
> HD, you were right on the money mate ... I am buying you a double bourbon
> and coke at Blackhat this year mate ... even if Microsoft does have to pay
> for it! ;o)
> I changed my compilation commands to the following, as suggested by HD;
> $ nasm -f bin -o shellcode.bin shellcode.asm
> $ xxd -i shellcode.bin
> I also had to add the line "BITS 32" into my asm code since nasm seemed to
> default to a 16 bit architecture. Once I did this, it worked like a gem.
> Thanks again for your help and the quick responses.
> On Thu, Jul 17, 2008 at 4:32 PM, Patrick Webster <patrick at aushack.com> wrote:
> No idea how cygwin does its magic, but could it be that your shellcode
> is using a system call that is different under Cygwin -> Linux.
> I suppose the easiest way would be to use nasm under both environments
> and see if the shellcode result is different :)