Re: [framework] Lupin's download_exec_vbs payload

Replying to myself but just realised there's nothing wrong with the payload, only with my brain. When I recompiled the payload I left that hardcoded IP in there (note to self: before posting to list reread the source), thus the problem. It's now solved.

--- On Sun, 7/11/10, Miguel Rios <miguelrios35@yahoo.com> wrote:

From: Miguel Rios <miguelrios35@yahoo.com>
Subject: [framework] Lupin's download_exec_vbs payload
To: framework@spool.metasploit.com
Date: Sunday, July 11, 2010, 6:13 PM

Me again.

Anyone tried this great little gem of a payload that Lupin kindly provided?
see here

I played with it a bit a few days ago and it worked like a charm. However I've noticed the last couple of days that when I generate this payload it seems to always try to connect to a private IP (192.168.56.1) instead of the URL that I provide.
This is quite strange since it was working last week downloading from the provided URL without a hitch, but now it seems that it only wants to go to 192.168.56.1.
Anyone else seeing this lately? Maybe when I svned recently I somehow broke the payload?
weird.

      
-----Inline Attachment Follows-----

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

• This message: [ Message body ]
• Next message: Thorgul: "Re: [framework] New Javascript Packer: JSidle"
• Previous message: Miguel Rios: "Re: [framework] New Javascript Packer: JSidle"
• In reply to: Miguel Rios: "[framework] Lupin's download_exec_vbs payload"

• Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]