PDA

View Full Version : Fast Track Meterpreter sessions



Marcinko
01-30-2010, 06:52 PM
While running Fast Track in the "interactive" mode against an unpatched Win2K server, I can see where it has opened up a Meterpreter session and it continues on with other exploits. Is there a way to find out which "exploit" was used to gain that session?
Here is a clip of what I see on the screen.

(40/208 [0 sessions]): Launching exploit/windows/http/apache_modjk_overflow against 10.0.1.42:80...
Meterpreter session 1 opened (10.0.1.36:39953 -> 10.0.1.42:28682)
(57/208 [1 sessions]): Launching exploit/windows/smb/ms03_049_netapi against 10.0.1.42:139...
Job limit reached, waiting on modules to finish...
Meterpreter session 2 opened (10.0.1.36:36443 -> 10.0.1.42:27518)

Thanks for the insight

M

To answer my own question: Let it finish running and it will give the sessions and the exploits that were used. I was being a little impatient so as to move on to the next step. I lso thought there might have been an issue with the application. My bad.