| Main Archive Page > Month Archives > metasploit-framework archives |
Re: [framework] News from Metasploit 4.
From: <egypt_at_nospam>Date: Fri Aug 26 2011 - 14:20:19 GMT
To: Richard Miles <richard.k.miles@googlemail.com>
Yes, reverse_http(s) both use the WinInet API, and as such, use IE's
proxy configuration, including credentials.
egypt
On Fri, Aug 26, 2011 at 2:28 AM, Richard Miles
<richard.k.miles@googlemail.com> wrote:
> Hey Patrick,
>
> Awesome, with the new reverse_http or reverse_https? Metasploit 4?
>
> Thanks
>
> On Thu, Aug 25, 2011 at 7:37 PM, Patrick Webster <patrick@aushack.com> wrote:
>> Hey Richard,
>>
>> I cannot guarantee 100%, but re: point #1, I have successfully used
>> the stager to get around proxies with auth about 2 months ago.
>>
>> -Patrick
>>
>> On Fri, Aug 26, 2011 at 8:42 AM, Richard Miles
>> <richard.k.miles@googlemail.com> wrote:
>>> Hi
>>>
>>> I friend of mine was talking about some great improvements at
>>> Metasploit 4, I checked the blog and it talks very briefly about it,
>>> what more called my attention is that reverse_http and reverse_https
>>> was updated and meterpreter scripts / resources too.
>>>
>>> I have 3 questions...
>>>
>>> 1 - The new reverse_http and reverse_https now are as good as passiveX
>>> was? I mean, we can use it completely over http or https (even the
>>> stager) and the payload is smart enough to get proxy IP and port from
>>> browser and re-use the same credential (in case that proxy require
>>> auth)?
>>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
>
>
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework