Results 1 to 2 of 2

Thread: Anyone familiar with Metasploit's ani_loadimage_chunksize?

  1. #1
    Just burned his ISO
    Join Date
    Mar 2009
    Posts
    12

    Default Anyone familiar with Metasploit's ani_loadimage_chunksize?

    Ok, first of all, before I get n00b spammed, I don't usually ask for help and I'm known to search google for hours trying to find an answer. Second, I'm sorry if this is the wrong forum. Now to my problem, I'm using metasploit framework 3.2 and I'm trying to use the ani_loadimage_chunksize exploit. It seems compatible with the target PC I'm testing, but I'm having problems with the settings. I've got MAILTO, MAILSUBJECT and MAILFROM all set up, but I'm a little confused with the RHOST and RPORT settings... At first, I figured it is supposed to be the local IP (192.168.1.15) and I kept the port at the default 25, but this was the response:

    01:11:41 - ani_loadimage_chunksize[*] Started reverse handler
    01:12:11 - ani_loadimage_chunksize[*] Connecting to SMTP server 192.168.1.15:25...
    01:12:12 - ani_loadimage_chunksize [-] Exploit failed: The connection was refused by the remote host (192.168.1.15:25).

    When that didn't work, I tried many combinations including my external IP (68.63.?.?) and changed the port to every port Outlook uses (25, 587, 110) but it's the same every time...

    Is anyone here familiar with this exploit, and if so, what settings have you been sucessful with?

  2. #2
    Just burned his ISO
    Join Date
    Mar 2009
    Posts
    1

    Smile RE: Anyone familiar with Metasploit's ani_loadimage_chunksize?

    You will want to set the RHOST to an MTA. For example, if I want to send this exploit to user@companyA.com, and they have an mx for that domain (mail.companya.com), then I will specify that host as the RHOST. I believe that you can specify an open SMTP relay as well, such as your ISP's mail relay. Also, in order for them to connect back to you, you will either need to place your box on the Internet or behind a firewall with a destination NAT pointed back to your box. Otherwise, the victim will not be able to comm back to you.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •