Recently, I ran a few Metasploit Mass Client-Side Attacks on my barely patched xp box. First time it spawned a shell from the Apple Quicktime 7.1.3 RTSP Uri buffer overflow, second time nothing happened and the third time a shell from the QTjava Pointer exploit appeared.
Well, that was great but when I tried to use the exact same exploits from the metasploit webinterface it didn't gave me any shell. (Cannot assign requested address - bind)
So how is this possible, did I just had some luck with the Mass Client-Side attacks ? And more importantly, why doesn't a manual exploitation work? I thought maybe it has something to do with connecting to the exploit (with the mass client-side attack) and just listen for a connection from the metasploit webinterface, but I'm not quite sure..