[prev in list] [next in list] [prev in thread] [next in thread] 

List:       metasploit-framework
Subject:    Re: [framework] Help: Yahoo! Messenger YVerInfo.dll ActiveX Control
From:       Julião Barbin <juliobarbin () hotmail ! com>
Date:       2010-07-26 12:21:23
Message-ID: SNT125-W5553D195CC94E91A8649CDAEA60 () phx ! gbl
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Ok,Thanks for the help,jcb 



> Date: Sun, 25 Jul 2010 21:26:56 -0500
> From: jdrake@metasploit.com
> To: juliobarbin@hotmail.com
> CC: framework@spool.metasploit.com
> Subject: Re: [framework] Help: Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer \
> Overflow 
> On Tue, Jul 20, 2010 at 12:09:08PM -0300, Juli?o Barbin wrote:
> > 
> > Good evening friends,
> > on my pc found the flaw Messenger ActiveX Control Buffer Overflow YVerInfo.dll \
> > then entered the site and searched the metasploit failure CVE-2007-4515, if the \
> > typed commands as the link \
> > http://www.metasploit.com/modules/exploit/windows/browser/yahoomessenger_fvcom \
> > and ran the command exploit ... there was [*] Exploit running the background job
> > 
> > [-] Handler failed to bind to 10.20.4.63:4444 (where the machine is vulnerable)
> > [*] Started reverse handler on 0.0.0.0:4444
> > [*] Unsing URL: http://0.0.0.0:8080/S85gRUvyp0
> > [*] Local IP: http://10.20.6.126:8080 / S85gRUvyp0
> > [*] Server Started.
> 
> You appear to have used LHOST incorrectly. Based on the output
> provided, you should set it to 10.20.6.126 (LHOST == listen host).
> 
> After running the exploit, you'll still need to convince a user on
> that machine to visit your web site (http://10.20.6.126:8080/S85gRUvyp0)
> 
> Hope this helps,
> 
> -- 
> Joshua J. Drake
 		 	   		  
_________________________________________________________________
TRANSFORME SUAS FOTOS EM EMOTICONS PARA O MESSENGER. CLIQUE AQUI PARA COMEÇAR.
http://ilm.windowslive.com.br/?ocid=ILM:Live:Hotmail:Tagline:senDimensao:TRANSFORME78:-



[Attachment #5 (text/html)]

<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Verdana
}
--></style>
</head>
<body class='hmmessage'>
<div><br></div><div><span class="Apple-style-span" style="font-family: arial, \
sans-serif; line-height: 25px; ">Ok,</span></div><div><span class="Apple-style-span" \
style="font-family: arial, sans-serif; line-height: 25px; ">Thanks for the \
help,</span></div><div><font class="Apple-style-span" face="arial, sans-serif"><span \
class="Apple-style-span" style="line-height: \
25px;">jcb</span></font>&nbsp;</div><br><br><br><br>&gt; Date: Sun, 25 Jul 2010 \
21:26:56 -0500<br>&gt; From: jdrake@metasploit.com<br>&gt; To: \
juliobarbin@hotmail.com<br>&gt; CC: framework@spool.metasploit.com<br>&gt; Subject: \
Re: [framework] Help: Yahoo! Messenger YVerInfo.dll ActiveX Control Buffer \
Overflow<br>&gt; <br>&gt; On Tue, Jul 20, 2010 at 12:09:08PM -0300, Juli?o Barbin \
wrote:<br>&gt; &gt; <br>&gt; &gt; Good evening friends,<br>&gt; &gt; on my pc found \
the flaw Messenger ActiveX Control Buffer Overflow YVerInfo.dll then entered the site \
and searched the metasploit failure CVE-2007-4515, if the typed commands as the link \
http://www.metasploit.com/modules/exploit/windows/browser/yahoomessenger_fvcom<br>&gt; \
&gt; and ran the command exploit ... there was<br>&gt; &gt; [*] Exploit running the \
background job<br>&gt; &gt; <br>&gt; &gt; [-] Handler failed to bind to \
10.20.4.63:4444 (where the machine is vulnerable)<br>&gt; &gt; [*] Started reverse \
handler on 0.0.0.0:4444<br>&gt; &gt; [*] Unsing URL: \
http://0.0.0.0:8080/S85gRUvyp0<br>&gt; &gt; [*] Local IP: http://10.20.6.126:8080 / \
S85gRUvyp0<br>&gt; &gt; [*] Server Started.<br>&gt; <br>&gt; You appear to have used \
LHOST incorrectly. Based on the output<br>&gt; provided, you should set it to \
10.20.6.126 (LHOST == listen host).<br>&gt; <br>&gt; After running the exploit, \
you'll still need to convince a user on<br>&gt; that machine to visit your web site \
(http://10.20.6.126:8080/S85gRUvyp0)<br>&gt; <br>&gt; Hope this helps,<br>&gt; \
<br>&gt; -- <br>&gt; Joshua J. Drake<br> 		 	   		  <br /><hr />LEVE SEU MESSENGER \
PARA ONDE VOCÊ ESTIVER PELO SEU CELULAR. <a \
href='http://celular.windowslive.com.br/messenger.asp?produto=Messenger&utm_source=Liv \
e_Hotmail&utm_medium=Tagline&utm_content=LEVESEUMES85&utm_campaign=MobileServices' \
target='_new'>CLIQUE E VEJA COMO FAZER.</a></body> </html>



_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic