Results 1 to 5 of 5

Thread: Started reverse handler

  1. #1
    Just burned his ISO
    Join Date
    Dec 2009
    Posts
    6

    Default Started reverse handler

    I'm trying to use metasploit in BT4 prefinal. I've been working out all my problems by myself for the past week, so please bare with me if this seems like a silly question.

    When I execute an exploit in msfgui, I get three lines in the module output window and the last one says "started reverse handler" Obviously, something hasn't gone right. But, what exactly went wrong? is the exploit patched? I'm running the exploit to my own box and I was pretty sure the exploit wasn't patched. or has the firewall gotten in the way? Did MSF even get through to the rhost?

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    The reverse handler is a reverse shell/exploit which you have started, that means a victim must connect to the box/port the handler is running on in order to execute the exploit.

    You should probably do some more work/reading before you reall mess something up.

  3. #3
    Just burned his ISO
    Join Date
    Dec 2009
    Posts
    6

    Default

    Quote Originally Posted by pureh@te View Post
    The reverse handler is a reverse shell/exploit which you have started, that means a victim must connect to the box/port the handler is running on in order to execute the exploit.
    I know, but I was under the impression that no action was required by the user of the remote host (ie. the vitcim doesn't have to click on anything). Every demo I've viewed (most use a meterpreter payload) shows metasploit using an exploit to place a dll file on the computer (I may be mistaken on the filetype). The file then automatically connects back to the lhost so that priveleges can be escalated and then root can be accessed. Please correct me if I'm mistaken.

    Here's one of the video demos I'm talking about:
    youtube.com/watch?v=BTfOzKACPsY

    I've already read quite a bit, but I may have some misconceptions. What else would you recommend I read? I'm slowly going through Metasploit Unleashed, BTW.

  4. #4
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    If you notice around 2.30 in the video you reference the user start the .exe through netcat on the windows machine. He stated he had to start it twice.
    So the exe is loaded onto the victim and it was started by typing C:\meterp.exe or whatever it was called.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  5. #5
    Very good friend of the forum hhmatt's Avatar
    Join Date
    Jan 2010
    Posts
    660

    Default

    Read up more on reverse shell and finish Metasploit Unleashed. This should be all you need. The video that's posted is about creating an executable file(.exe). This can be used without interaction if you already have a shell like he did in the video with netcat.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •