Ok here it is. I am testing the Winamp 5.12 exploit using the MSFWEB interface and this i what happens.. I first go to the Exploit tab and choose the "Winamp Playlist UNC Path Computer Name Overflow" exploit. I then choose the "Winamp 5.12 Universal" target. I then choose the "generic/shell_reverse_tcp" payload as to connect back to the target via command shell. I then put in the settings for the exploit as follows: SRVHOST: 10.10.10.x SRVPORT : 8080
LHOST: 127.0.0.1 LPORT: 4444 (Where the SRVHOST is my local IP of BT). I then launch the exploit
=[ msf v3.1-dev + -- --=[ 214 exploits - 107 payloads + -- --=[ 17 encoders - 5 nops =[ 39 aux[*] Started reverse handler[*] Using URL: http://10.10.10.x:8080/lB7fLGX8qzRL
[*] Server started.[*] Exploit running as background job.
msf exploit(winamp_playlist_unc) >
I then email the URL to my target machine. I go to my target machine and click on the link via email. It takes me to a page and the pop up blocker goes off. I then right-click and say download file (Winamp is setup to automatically associate any play lists with itself) the play list then loads into my Winamp player and I can see it streaming through. It then locks up and does nothing.. I then go to my BT machine and it says " sending exploit to 10.10.10.x:3362". I then go back to my target machine and open a command prompt and type the netstat command and it comes back with 10.10.10.x:3362 ESTABLISHED but there is no command prompt on my BT machine.. I am wondering why no command prompt comes up on my BT machine.
If anyone has any insight as to why this is doing this I would very much appreciate some input.. Thank you all for your time...