Results 1 to 1 of 1

Thread: Browser exploits with an existing meterpreter listener

  1. #1
    Just burned his ISO mcjon3z's Avatar
    Join Date
    Jan 2010

    Default Browser exploits with an existing meterpreter listener (solved)

    Spoke too soon - solution was in the advanced properties of the payload:

    set DisablePayloadHandler true

    I have a perpetual meterpreter listener (multi-handler) running on a server that uses the multi-handler loader to launch the meterpreter sessions as described in this wiki entry: Metasploit Framework - AutomatingMeterpreter - Metasploit Redmine Interface

    The listener works great for client-side exploits that are loaded in various forms (such as the email payload described in the above link or an html page with the meterpreter shellcode imbedded), however I was wondering if there was a way that you can use a metasploit browser exploit (such as aurora) that uses a new metasploit session to listen for the client side but points to the existing listener as the payload instead of launching its own meterpreter listener (if I am making any sense).

    For example, if I launch the aurora exploit and try to use the same listener settings as my existing listener, it fails because I'm already using those ports.

    The reason I'm trying to do this are that I'm limited in which ports i can use my pentest target only allows outbound connections on port 80 and 443) and I want to be able to use the same listener for multiple exploit attempts at the same time.

    Does anybody know if this is even possible? I know there are other methods that don't use metasploit, but I'm kinda trying to go plug and play with this one and Metasploit seems to be the most logical way to go.

    Last edited by mcjon3z; 02-17-2010 at 08:25 PM. Reason: solved

Similar Threads

  1. Writing Buffer Overflow Exploits using BackTrack
    By lupin in forum BackTrack Howtos
    Replies: 41
    Last Post: 04-01-2011, 08:49 PM
  2. Meterpreter Connections
    By utilizatorul in forum Beginners Forum
    Replies: 1
    Last Post: 07-09-2010, 03:10 PM
  3. VNC via meterpreter
    By hhmatt in forum BackTrack Howtos
    Replies: 6
    Last Post: 02-23-2010, 05:41 AM
  4. Fast Track Meterpreter sessions
    By Marcinko in forum Beginners Forum
    Replies: 0
    Last Post: 01-30-2010, 06:52 PM
  5. Durzosploit - exploits generator framework
    By McFranco in forum Tool Requests
    Replies: 1
    Last Post: 01-26-2010, 11:36 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts