Check if you can actually reach your ports. portforward.com has a free tool do do this. http://portforward.com/help/portcheck.htm
You can run it with wine on your bt machine.
Some ISP's block certain ports so...
java_signed_applet
how to do it with external IP !!!
if i edited my DMZ to pass any connection to my local IP
LOCAL IP : 10.0.0.6
EXTERNAL IP : xx.xx.xx.xx
what settings should i do to make it reverse right to my LOCAL IP
i've tried :
LPORT 443
SRVPORT 80
LHOST external IP
didn't work !!
Re: java_signed_applet
Check if you can actually reach your ports. portforward.com has a free tool do do this. http://portforward.com/help/portcheck.htm
You can run it with wine on your bt machine.
Some ISP's block certain ports so...
(\ /)
( . .)
c(")(")
This is bunny.
Copy and paste bunny into your signature to help him gain world domination.
Re: java_signed_applet
yes i can do port forwarding very well ....but what settings should i make ! ?Originally Posted by LHYX1
the target should connect to my external IP with port 8080 for example ...because its browser exploit i think i should make it port 80 or 8080
well to make my router configuration page work normal i should make it 8080 ....then im gonna forward the port 8080 to my local ip 10.0.0.6
now from my router part is done ...
now Metasploit settings :
LHOST :
SRVHOST :
SRVPORT :
LPORT :
??
Re: java_signed_applet
LHOST = external ip
SRVHOST = local ip
LPORT && SRVPORT can be any port as long as they are forwarded correctly,
there's nothing else running on those ports and your ISP doesn't block them.
so if you use 8080 for your server -> forward 8080 to your local ip like you said.
And if you use 443 for your payload, forward 443 to your local ip as well.
Last edited by LHYX1; 03-22-2012 at 02:40 AM.
(\ /)
( . .)
c(")(")
This is bunny.
Copy and paste bunny into your signature to help him gain world domination.
Re: java_signed_applet
I never used a DMZ for this king of stuff. Plus, using a DMZ if you don't know what you're doing could be disastrous.
Just forward incoming port 8080 on wan (for instance) to port 9090 in LAN.
The first one will be LPORT in the payload, the second one will be LPORT in the listener.
@LHYX1 : it doesn't have to be the same ports
Running both KDE and GNOME BT5 flawlessly. Thank you !
Re: java_signed_applet
I know@LHYX1 : it doesn't have to be the same portsIt was just an example
(\ /)
( . .)
c(")(")
This is bunny.
Copy and paste bunny into your signature to help him gain world domination.
Re: java_signed_applet
I never used a DMZ for this king of stuff. Plus, using a DMZ if you don't know what you're doing could be disastrous.
Just forward incoming port 8080 on wan (for instance) to port 9090 in LAN.
The first one will be LPORT in the payload, the second one will be LPORT in the listener.
@LHYX1 : it doesn't have to be the same ports
shouldn't it be 8080 not any other port for wan forwarding ? because java_signed working on browser ?
and u saying that LPORT is the wan forwarding port for example 8080
so
NAT settings : 10.0.0.6 8080 8080
and another NAT entry
: 10.0.0.6 443 443 ??
and then at metasploit LPORT : 8080 ?
SRVPORT 443 ?
Re: java_signed_applet
You can run a website on any port
And yes you forward 2 ports. One for the payload and one for the server
so for example 8080 for the server and 443 for the payload.
(\ /)
( . .)
c(")(")
This is bunny.
Copy and paste bunny into your signature to help him gain world domination.
Re: java_signed_applet
I'm on weekend so I can't do something that would be swell : a nice grahic chart explaining all that since you're not the first to struggle with it. If I'm still feeling up to it when I come back home, I'll do something. So, expect it for tuesday/wednesday. Again, don't take my word for it.
Running both KDE and GNOME BT5 flawlessly. Thank you !
Re: java_signed_applet
Thanks comaX im waiting whenever u ready
Posting Permissions