Results 1 to 4 of 4

Thread: Question about meterpreter

  1. #1
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    9

    Default Question about meterpreter

    Hello! I have a question about exploiting using meterpreter. If one is to exploit a computer, in this case vista with the smb2 exploit using meterpreter as a payload, will meterpreter "always be there" on the victim computer after the exploit for example like a trojan?

    The reason for this is that i want to try and exploit my laptop wich has vista and i use this laptop at school and other public networks so i dont want it to be "already exploited" with meterpreter on it and other exploiters able to "tap in".

    Hope the question isnt to confusing...

  2. #2
    Member
    Join Date
    Jan 2010
    Posts
    81

    Default

    Hi

    If you have a meterpreter session, you can make with metsvc.exe a meterpreter backdoor..or make a meterpreter.exe an make it start after reboot.. (registry, Autostart...
    Give a look at the:Online Course – Metasploit Unleashed – Mastering the Framework


    ozzy

  3. #3
    Junior Member
    Join Date
    Sep 2009
    Posts
    43

    Default

    What ozzy66 means is that by default, anything is installed on your target machine, but you can if you want...

  4. #4
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Default

    Quote Originally Posted by hackabear View Post
    Hello! I have a question about exploiting using meterpreter. If one is to exploit a computer, in this case vista with the smb2 exploit using meterpreter as a payload, will meterpreter "always be there" on the victim computer after the exploit for example like a trojan?

    The reason for this is that i want to try and exploit my laptop wich has vista and i use this laptop at school and other public networks so i dont want it to be "already exploited" with meterpreter on it and other exploiters able to "tap in".

    Hope the question isnt to confusing...
    Meterpreter usually runs as part of the exploited process, or as part of another process if you migrate it. Terminate the process and you terminate Meterpreter, so restarting your machine will put you right. As long as you haven't installed a Meterpreter backdoor of course...

    Also, keep in mind that if you can exploit your Vista system using the SMB2 exploit, others on those public networks you connect to will be able to do it too - unless you use a mitigation strategy against the exploit (disable SMB2, block ports at the firewall, etc)
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •