Phoenix, I think you did something wrong in that code. It is asking for what language you want to write the EXE file in. Instead of putting -t EXE try -t C.
You're welcome
And TexRyker, I've never seen that issue myself, so I'd just say:
a) Make sure the code is typed exactly right, and that there are no syntax errors
b) Update to the latest SVN version, and see if that helps
c) Download a fresh version on a different Linux OS, and see if it does it there. I must admit, I haven't tried this with BT4 beta yet, so it's possible that if you're using that, that could be your issue.
~phoenix910
Phoenix, I think you did something wrong in that code. It is asking for what language you want to write the EXE file in. Instead of putting -t EXE try -t C.
I hate Google.
I was re-reading your tutorial and I had a few questions about it. With this technique are you actually using an exploit or just installing meterpreter? Why did you use the reverse_tcp method? Is that the most effective?
I hate Google.
I'll answer both questions in one :P Basically, I'm generating the reverse_tcp into an executable file, because this can be sent inside an organisation, and the whole point to this tutorial was to show how to get a host PC to connect back (reverse via TCP) to you on the outside, because the server is less likely to block outgoing connections than brutal inbound ones. Plus, because this is just a payload that connects and then accepts the meterpreter upload, there are no vulnerabilities required for it to work. Sound alright?
~phoenix910
Awesome, I never realized metasploit could be used in such a manner. So meterpreter is basically a backdoor? Also, you mention editing the file in such a way to avoid IDS and AV, just wondering if you have more info on that or any other tutorials?
I hate Google.
Not quite - meterpreter isn't a backdoor in itself - it is a post exploitation tool; whether you get in via another method or the one we've used; the backdoor in this instance is our little reverse_tcp payload (however, this does give us a "backdoor in", so to speak). And I included details in there for encoding the file so that it wasn't detectable by the Anti Virus - in terms of IDS, it'd really depend on its signatures - most don't pick up a single outgoing connection, but it really depends what you're sending through etc. I don't have any other tutorials on that at this stage, so perhaps googling will help?
~phoenix910