?
Solved

metasploit after exploiting

Posted on 2012-08-28
10
Medium Priority
?
692 Views
Last Modified: 2012-08-29
hello

i used java exploit as an example, then i exploited it got as:
[*] Exploit running as background job.

[*] Started reverse handler on 192.168.1.11:4444[*] Using URL: http://192.168.1.11:8080/mLnhfDGempU
[*] Server started.


here's my question how do i reach files in mLnhfDGempU ? to edit and many things, i tried to search but no lack


thank you
0
Comment
Question by:NoBoDyDD
  • 6
  • 3
10 Comments
 
LVL 33

Expert Comment

by:Dave Howe
ID: 38340544
I am going to assume (given its a 192.168 address) that this is your own box and you are authorized to do this :)

usually there is a shell as a default payload. what 'sploit did you use, and which payload was selected if any?
0
 
LVL 7

Expert Comment

by:southpau1
ID: 38340567
it looks like the exploit you used depends on the user of the vulnerable machine to click on a link.  So this java exploit you are using is sort of a social engineering attack.

what you have to do is emulate the user - go to the vulnerable machine and click on or open that link.  That will launch a java applet that runs the exploit code, which if successful, will reach back to your listener at 192.168.1.11:4444 and you will have your shell.

This is a client side exploit.  most, if not all of the java exploits in metasploit will work this way.
0
 

Author Comment

by:NoBoDyDD
ID: 38343125
yeah i know all that guys  by the way all authorized this isn't for illegal stuff .
let me try to explain what i want, i used java exploit as enxample:
the url now is http://192.168.1.11:8080/mLnhfDGempU
the jar file is: http://192.168.1.11:8080/mLnhfDGempU/exploit.jar
my question  is how do i edit that exploit.jar file and edit html page in  http://192.168.1.11:8080/mLnhfDGempU/

i hope i explained it right

thank u
0
A Cyber Security RX to Protect Your Organization

Join us on December 13th for a webinar to learn how medical providers can defend against malware with a cyber security "Rx" that supports a healthy technology adoption plan for every healthcare organization.

 
LVL 7

Expert Comment

by:southpau1
ID: 38343689
Decompile the jar with any decompile program, just Google for one.

Then use an IDE or even notepad++ to edit.

Why do you need to edit it?
0
 

Author Comment

by:NoBoDyDD
ID: 38343769
i already did all the work just need to know where to upload it after i edited it
0
 
LVL 7

Expert Comment

by:southpau1
ID: 38343833
I still dont understand....do you not know where to find the file on your metasploit server?

Do this from the root of your file system:

Grep -i exploit.jar
0
 
LVL 7

Expert Comment

by:southpau1
ID: 38343836
Then upload the edited file to whereever it was.


If you created a custom java exploit...the you should look into custom metasploit packages instead of doing one of the buolt ins
0
 

Author Comment

by:NoBoDyDD
ID: 38343855
i downloaded it via browser that's why i don't know where it is.
like this:
http://192.168.1.11:8080/mLnhfDGempU/exploit.jar
i edited it then i just want to upload i just couldn't find it on the system
grep is still running tho
0
 
LVL 7

Expert Comment

by:southpau1
ID: 38343866
Yea from root it will take a while...but that will find it
0
 
LVL 7

Accepted Solution

by:
southpau1 earned 2000 total points
ID: 38343927
If it doesnt find it then try searching again with the exploit running.

Its possible though that the file is dynamically created when the exploit runs, in which case you will have to use your file in a custom user created exploit, which you will have to research how to do.  Im sure there is a youtube video on it
0

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is about my experience upgrading my consulting machine to Windows 10 Version 1709 (The Fall 2017 Creator Update)
Your business may be under attack from a silent enemy that is hard to detect. It works stealthily in the shadows to access and exploit your critical business information, sensitive confidential data and intellectual property, for commercial gain. T…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question