Java 0Day Works!

I tried the Java 0day attack, using BackTrack 5 and Metasploit, as explained here:

http://www.metasploit.com/modules/exploit/multi/browser/java_jre17_exec

I am using fully updated Java:

When I tried it at first, the exploit hung:

But I found the problem--the default TARGET is 0 (Generic Java Payload) and to make it work, you need TARGET 1 - Windows. So before starting the exploit, do this:

set TARGET 1
And it works like a charm :)

--Sam Bowne, first written 9:07 am, 8-28-12; revised 9:55 am