• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

Backtrack3 Metasploit /browser/ani_loadimage_chunksize

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses

View previous topic :: View next topic  
Author Message
j7
Just Arrived
Just Arrived


Joined: 12 May 2005
Posts: 0


Offline

PostPosted: Tue Jan 26, 2010 1:44 am    Post subject: Backtrack3 Metasploit /browser/ani_loadimage_chunksize Reply with quote

Hi,

I am playing around with BackTrack 3. And I want to try out an IE exploit. The one I am looking at is /browser/ani_loadimage_chunksize. It says it should work on Vista IE7. I have BackTrack3 and a virgin Vista virtual machine both running.

So I right click on the exploit and choose Execute. Then (Automatic) ..., then
/cmd/window/bind_perl.

Then I am asked for the SRVHOST and SRVPORT. I choose 169.254.15.111 and port 8080. This ip is an ip inside my Virtual Box local network. I have assigned this ip to the running BackTrack vm.

Then I choose APPLY. But the module output tab says "Exploit failed: no NOP generator succeeded".

If I am understanding this right, it is starting up a http server page with the exploit and I am to use the VISTA vm Internet Explorer to navigate to it to get exploited. But I have no idea what an NOP generator is ?
Back to top
View user's profile Send private message
mandriva
Just Arrived
Just Arrived


Joined: 17 Nov 2005
Posts: 1
Location: WAKEFIELD

Offline

PostPosted: Tue Jan 26, 2010 12:49 pm    Post subject: Reply with quote

You should be using SE's to find answers, it's the best way, also if you are going to run an exploit at least know what it is going to do. i suggest you read this for starters http://en.wikipedia.org/wiki/Buffer_overflow
Back to top
View user's profile Send private message Visit poster's website
j7
Just Arrived
Just Arrived


Joined: 12 May 2005
Posts: 0


Offline

PostPosted: Sat Jan 30, 2010 12:03 am    Post subject: Reply with quote

oh. NOP = noop sled. My previous book calls it noop sled.

So the generator failed. I guess I will just blindly try other payloads. There's not much info to go on as to why it failed.
Back to top
View user's profile Send private message
Display posts from previous:   

Post new topic   Reply to topic   Printer-friendly version    Networking/Security Forums Index -> Exploits // System Weaknesses All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register