
Thread: exploiting beyond the LAN

  1. #1
    Senior Member
    Join Date
    Jan 2010
    Posts
    173

    exploiting beyond the LAN

    Hi Fellaz,

    I've successfully exploited various Win XP machines on my LAN in a lab environment using SET and the aurora exploit, but that is locally. How can these exploitz be used against the other side of the router on MY remote office PCs (i.e.) want to try and pentest outside the local LAN, will the exploit meterpreter session come back to me on my LHOST 192.168.0.8 address even if not on the same LAN? If not, how can it be achieved?

    Pentest office : attack machine ip 192.168.0.8 public ip 96.xx.xx.xx
    Remote office different lan: victim ip 192.168.1.9 public ip 92.xx.xx.xx
    MY OWN btw, victim machine both owned by myself.

    Both IP addresses differ, 92.xx.xx.xx and 96.xx.xx.xx, so how to metasploit past my remote router into the LAN side?

    As stated I own both networks but not Pwnd yet.
    Googled and not found a thing apart from changing LHOST to public IP, but that's just the router, isn't it?

    Kind Regardz DEE

  2. #2
    Snayler (My life is this forum)
    Join Date
    Jan 2010
    Posts
    1,418


    Quote: Originally posted by pentest09
    want to try and pentest outside the local lan, will the exploit meterpreter session come back to me on my LHOST 192.168.0.8 address even if not on the same lan.
    Obviously not. If you did that, meterpreter would try to communicate with 192.168.0.8, but on your remote office's local network. You would have to set your pentest office IP on the net and port-forward the meterpreter's port to your local IP on your pentest office's router.

    Quote: Originally posted by pentest09
    As stated I own both networks but not Pwnd yet.
    Googled and not found a thing apart from changing LHOST to public IP, but that's just the router, isn't it?
    Yes, that's just the router unless you port-forward like I said above, so that the router knows what to do with the incoming connection.

  3. #3
    Senior Member
    Join Date
    Jan 2010
    Posts
    173

    exploit beyond the lan

    Thanx for such a quick reply, now how would I do this?

    Set meterpreter to LHOST 92.xxx.xxx.xxx my pentest public IP then forward on to 192.168.0.8. Don't expect you to smoke my fags 4 me but am a little new to the exploit gear. Can it be forwarded from my pentest public IP into my pentest LAN, and what comms? If u could help it would be very much appreciated.

    Thanx again......

  4. #4
    Snayler (My life is this forum)
    Join Date
    Jan 2010
    Posts
    1,418


    Quote: Originally posted by pentest09
    Set meterpreter to LHOST 92.xxx.xxx.xxx my pentest public IP then forward on to 192.168.0.8. Don't expect you to smoke my fags 4 me but am a little new to the exploit gear. Can it be forwarded from my pentest public IP into my pentest LAN, and what comms? If u could help it would be very much appreciated.
    The port-forward thingy is to be made in the router's configuration page; it is not part of the exploit itself. Google "port forwarding", you should get lots of info on this. You can also include your router's brand and model in the search.

    Quote: Originally posted by pentest09
    Thanx for such a quick reply
    Thanx again......
    You're welcome.

  5. #5
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    6

    port forwarding

    Even with port forwarding, you might not be able to open certain ports due to your ISP. You may want to look into doing some research as to what ports your ISP has blocked off. Although some ports may be blocked off, you can still use netcat to listen on that specific port along with using metasploit.
