Browser exploits with an existing meterpreter listener (solved)
Spoke too soon - solution was in the advanced properties of the payload:
set DisablePayloadHandler true
I have a perpetual meterpreter listener (multi-handler) running on a server that uses the multi-handler loader to launch the meterpreter sessions as described in this wiki entry: Metasploit Framework - AutomatingMeterpreter - Metasploit Redmine Interface
The listener works great for client-side exploits that are loaded in various forms (such as the email payload described in the above link or an HTML page with the meterpreter shellcode embedded), however I was wondering if there was a way that you can use a Metasploit browser exploit (such as aurora) that uses a new Metasploit session to listen for the client side but points to the existing listener as the payload instead of launching its own meterpreter listener (if I am making any sense).
For example, if I launch the aurora exploit and try to use the same listener settings as my existing listener, it fails because I'm already using those ports.
The reason I'm trying to do this is that I'm limited in which ports I can use (my pentest target only allows outbound connections on port 80 and 443) and I want to be able to use the same listener for multiple exploit attempts at the same time.
Does anybody know if this is even possible? I know there are other methods that don't use metasploit, but I'm kinda trying to go plug and play with this one and Metasploit seems to be the most logical way to go.