396 Chapter 6 • Infrastructure Security: Devices and Media
4. At this point, your exploit is ready to test. Assuming that you have Winamp 5.12 installed and associated with playlist (.pls) files, you should be able to browse to the Uniform Resource Locator (URL) shown in the Metasploit console window and see the effects of the exploit using IE. Winamp should start automatically and show a playlist similar to that seen in Figure 6.14.
Figure 6.14 Exploited Winamp Playlist
5. So how can we tell that the payload was delivered? By default, the windows/shell_bind_tcp payload opens a listening port on TCP port 4444 for incoming connections. By telnetting to this port, we can open a command shell on the target system. This is shown in Figure 6.15.
Figure 6.15 Open Command Shell on Target System
www.syngress.com