Results 1 to 2 of 2

Thread: SET - Java Looping on client-side when running Java Applet Attack

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    May 2011
    Posts
    2

    Question SET - Java Looping on client-side when running Java Applet Attack

    Created a Java Applet attack using Windows Reverse_TCP_Meterpreter payload and two different backdoored executables (shikata_ga_nai & Multi-Encoder) in SET.

    The applet loads on the client-side and causes the page to repeatedly refresh in a non-stop loop. Metasploit console shows session after session that keeps getting created. The only way to stop the sessions is to kill java and the browser on the client-side. If not stopped, client runs out of memory and crashes.

    I have tried two different clients (XP SP3 and Windows 7) with the same results. Java version is 1.6.22 on client side.

    Any ideas why this could be happening or how to prevent it?

    As an FYI, I tried the 16. Backdoored Executable on the menu and it didn't create any sessions on my clients although it also caused the client java to loop and constantly refresh the browser page.

  2. #2
    Just burned his ISO
    Join Date
    Aug 2012
    Posts
    3

    Default Re: SET - Java Looping on client-side when running Java Applet Attack

    Quote Originally Posted by Hank69er View Post
    Created a Java Applet attack using Windows Reverse_TCP_Meterpreter payload and two different backdoored executables (shikata_ga_nai & Multi-Encoder) in SET.

    The applet loads on the client-side and causes the page to repeatedly refresh in a non-stop loop. Metasploit console shows session after session that keeps getting created. The only way to stop the sessions is to kill java and the browser on the client-side. If not stopped, client runs out of memory and crashes.

    I have tried two different clients (XP SP3 and Windows 7) with the same results. Java version is 1.6.22 on client side.

    Any ideas why this could be happening or how to prevent it?

    As an FYI, I tried the 16. Backdoored Executable on the menu and it didn't create any sessions on my clients although it also caused the client java to loop and constantly refresh the browser page.
    Were you able to solve this issue? I am having the same issue.

Similar Threads

  1. SET java applet attack vector not working correctly
    By Apparatus in forum Beginners Forum
    Replies: 1
    Last Post: 01-20-2011, 10:04 PM
  2. SET - Java Applet attack blocked by Avast
    By gmoraes in forum Beginners Forum
    Replies: 3
    Last Post: 12-09-2010, 06:27 AM
  3. SET - Java Applet attack blocked by Avast
    By gmoraes in forum Beginners Forum
    Replies: 3
    Last Post: 12-06-2010, 09:50 PM
  4. SET + Java applet attack. Third-party certificate?
    By pinedepain in forum Experts Forum
    Replies: 0
    Last Post: 11-18-2010, 03:45 PM
  5. Acceso a Windows 7 por Medio de SET (Java Applet Attack)
    By šĜrτĦacK in forum BT Videos - ES
    Replies: 0
    Last Post: 05-01-2010, 07:36 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •