Metasploit mailing list archives

Handling multiple reverse shell sessions.


From: abhi.hatekar at gmail.com (Abhijeet Hatekar)
Date: Wed, 17 Oct 2007 22:59:52 +0530

Thank you for your quick responses. I got how Metasploit does it, but as I am
not using Metasploit, I can't utilise this information.

Following is what I am trying to do.

I have written a mass exploitation module which works somewhat like
db_autopwn - scans the network for alive hosts, does a port scan and runs
fingerprint (OS/Device) detection on them.
It stores this information in a database and then executes an exploit (from
the repository) suitable for a host. All the exploits use reverse shell
shellcode (port 12345).

The only thing pending is - how to catch the reverse shell? I don't want to
use netcat. I want to write my own server which will listen on port 12345 and
serve all the caught shells.

If you can point me to some link or some code snippet, it will be a great help.

Thank you,



On 10/17/07, mmiller at hick.org <mmiller at hick.org> wrote:

On Wed, Oct 17, 2007 at 09:17:54PM +1000, Patrick Webster wrote:
Hi Abhie,

Metasploit Framework uses an internal handler to manage sessions.

Take a look at:

http://www.metasploit.com/svn/framework3/trunk/lib/msf/core/handler/

e.g.


http://www.metasploit.com/svn/framework3/trunk/lib/msf/core/handler/reverse_tcp.rb

One thing to add:  The handlers (mainly the reverse_tcp handler)
included in Metasploit already support handling multiple sessions.  The
handler used by a given exploit will run until the exploit has completed
and will accept as many connections as possible during that time.  This
is most commonly used in passive exploits, such as browser exploits.




-- 
         Abhie
----r00t Is stAt3 0f mInD---
http://bughira.sf.net