EvilZone
Programming and Scripting => .NET Framework => : pl4f0rd July 13, 2011, 03:38:39 PM
-
Ive uploaded a metasploit payload to a iis webserver in the Scripts directory currently I am executing the script directly from the browser, which in turn is causing me problems. Any one got any ideas how I can create a dummy asp page which in turn executes my payload which will run server side
-
If you managed to send a payload with metasploit, you should have had shell access already. So obviously you didn't, or the exploit was not a remote execution exploit. And there is no such thing as running the script directly from the browser, all ASP code is server side and server side only.
-
Well yeah I got a shell however it's unprivileged and running as IUSR, I uploaded the exe and to the web server and I navigate to it and manually click on the exe which in turn loads me up a shell via the multi/handler.
The meterpreter shell times out, cant getsystem, or sysinfo or drop into a shell.
The exe is not asp it's clicked on directly in the Scripts directory and loaded as an exe.
I need an asp page that loads the exe by it's self without me clicking on it., So for example the user navigates to site and the exe is executed.
-
I would imagine that it would be launched with same privileges either way.
I just pulled this crap off Google. It requires Windows Scripting Host but seeing as there's a script directory you should be able to do this.
<%
set objName = CreateObject("WScript.Shell")
objName.run("c:\file.bat",0,false)
%>
http://msdn.microsoft.com/en-us/library/d5fk67ky (http://msdn.microsoft.com/en-us/library/d5fk67ky)
Make an ASP page, toss that in, run page.
-
Cheers, I will give it a whirl