Thread: exploiting beyond the LAN

  1. #1
    Senior Member
    Join Date
    Jan 2010
    Posts
    173

    exploiting beyond the LAN

    Hi Fellaz,

    I've successfully exploited various Win XP machines on my LAN in a lab environment using SET and the Aurora exploit, but that is locally. How can these exploitz be used against the other side of a router, on MY remote office PCs (i.e. I want to try and pentest outside the local LAN)? Will the exploit's meterpreter session come back to me on my LHOST 192.168.0.8 address even if not on the same LAN? If not, how can it be achieved?

    Pentest office : attack machine ip 192.168.0.8 public ip 96.xxx.xxx.xxx
    Remote office different lan: victim ip 192.168.1.9 public ip 92.xxx.xxx.xxx
    MY OWN btw, victim machine both owned by myself.

    both ip addresses differ 92.xxx.xxx.xxx and 96.xxx.xxx.xxx so how to metasploit past my remote router into the lan side.

    As stated I own both networks but not Pwnd yet.
    Googled and not found a thing apart from changing LHOST to the public IP, but that's just the router, isn't it?

    Kind Regardz DEE


    Hi

    Thanks for your response to my problem. I am still having problems with the port forward feature.... After your advice I have set up my attack side LAN router to forward incoming connections on port 4444 TCP/UDP to any on LAN.

    Now when I do an Aurora attack on my office for connection back on my BackTrack 4 machine ip= 192.168.0.8, I have set LHOST to my router's IP address = 90.xxx.xxx.114. I get my router login pop up after the ip add is input in browser. My router settings are:

    Firmware Version 1.9Sky
    ADSL Port
    MAC Address 00:xx:69:xx:34:xx
    IP Address 90.xxx.xxx.114 (is the one i used in LHOST)
    Network Type PPPoA
    IP Subnet Mask 255.255.255.255
    Gateway IP Address=89.xxx.128.xxx
    Domain Name Server =90.xxx.xxx.97 90.xxx.xxx.99
    LAN Port
    MAC Address 00:xx:xx:xx:xx:d6
    IP Address 192.168.0.1
    DHCP enable
    IP Subnet Mask 255.255.255.0

    Please advise as to which IP to use in my LHOST so that the packets are forwarded from there on to my local IP 192.168.0.8

    Do I use the gateway IP instead?

    Thanks again, this is the final part for me to pentest my office remotely.

    BTW ESET SMART SECURITY IS THE MUTZ NUTZ ... defeats arp poisoning and much more.
    Last edited by pentest09; 02-06-2010 at 07:07 PM.
