Place a Meterpreter backdoor

[godzeye at gmail.com (godzeye godzeye)]

yes.it is a good !

2007/5/13, BardoBaggins <bardo at mclink.it>:
> Tnx both of you :)
>
> I thought that just placing a register key to execue it on boot would
> have done the trick. I'll check out the solution you told me and then
> report :)
>
> Bye !
>
> Bardo
>
> Ramakrishna Nyayapathi wrote:
> > Hi,
> >
> > You could try to install it as service..
> > check out instsrv.exe/srvany.exe from winxp admin toolkit. Also sc.exe
> > and reg.exe would be handy I guess.
> >
> >
> > On 5/11/07, * Kurt Grutzmacher* <grutz at jingojango.net
> > <mailto:grutz at jingojango.net>> wrote:
> >
> >     On Fri, May 11, 2007 at 03:58:09PM +0000, BardoBaggins wrote:
> >     > Thanks!
> >     > That was EXACTLY what I wanted to know :)
> >     > tried out adn worked perfectly... except for a little issue. If
> >     I try to
> >     > NMAP (SYN Scan) the 4444 port on the remote host to check if
> >     it's open,
> >     > the backdoor process crashes. This happened on a WinXP SP2
> Italian.
> >     Unless you install it as a service or write a wrapper to daemonize
> it
> >     the process will crash without valid stage loaders. Meterpreter,
> >     while
> >     awesome in what it does, is no persistent backdoor/rootkit. :)
> >
> >
> >     --
> >                      ..:[ grutz at jingojango dot net ]:..
> >          GPG fingerprint: 5FD6 A27D 63DB 3319 140F  B3FB EC95 2A03
> >     8CB3 ECB4
> >             "There's just no amusing way to say, 'I have a CISSP'."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20070514/f3d7f0ad/attachment.htm>