Metasploit mailing list archives
Problem with LHOST on exploits.
From: egypt at metasploit.com (egypt at metasploit.com)
Date: Tue, 14 Apr 2009 09:33:22 -0600
The purpose of this behavior is to allow you to use a port forward on a NATing firewall between you and the target. For example, say you have an internal address of 192.168.1.2 and your firewall has an external address of 10.1.1.1. You can set LHOST to 10.1.1.1 and use your firewall's port forwarding features to forward LPORT on the outside to 192.168.1.2 on the inside. If metasploit tried to bind to 10.1.1.1 on your attacking box, it would fail because no interface has that address. If a server is already listening on 0.0.0.0, metasploit won't be able to bind on the "any" address, so it tries to use the specified LHOST before giving up. This is useful, for example, when you have a webserver listening on 0.0.0.0:80 and want to use 192.168.1.2:80 for a reverse shell. Hope this helped, egypt On Tue, Apr 14, 2009 at 5:13 AM, Professor 0110 <professor0110 at gmail.com> wrote:
Thanks for the quick reply and help Anastasios! But even with 0.0.0.0 is LHOST still set to my IP address which I specified? On Tue, Apr 14, 2009 at 9:06 PM, Anastasios Monachos <anastasiosm at gmail.com> wrote:This is normal, nothing to worry about. 0.0.0.0 means every ip address. When you have a server usually you can set it up to listen on a specific IP address/interface or you can set it to listen on every interface/ip your system may support, the last option is defined by using 0.0.0.0. Hope that is clear enough. 2009/4/14 Professor 0110 <professor0110 at gmail.com>Hi all, Whenever I attempt to use an exploit with a payload and I execute the exploit, the output shows the following: [*] Handler binding to LHOST 0.0.0.0 Why does it do that when I've explicitly stated the LHOST for the particular payload/exploit? Ant help on this matter will be greatly appreciated! Oh yeah, I'm using Ubuntu 8.10. Cheers, Professor 0110 _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework-- AM Key ID: 0x5EB17EE7_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Problem with LHOST on exploits. Professor 0110 (Apr 14)
- Problem with LHOST on exploits. Anastasios Monachos (Apr 14)
- Problem with LHOST on exploits. Professor 0110 (Apr 14)
- Problem with LHOST on exploits. Anastasios Monachos (Apr 14)
- Problem with LHOST on exploits. egypt at metasploit.com (Apr 14)
- vulnerability discovery? jeffs (Apr 14)
- vulnerability discovery? Patrick Webster (Apr 14)
- Problem with LHOST on exploits. Professor 0110 (Apr 14)
- Problem with LHOST on exploits. Patrick Webster (Apr 14)
- Problem with LHOST on exploits. Professor 0110 (Apr 15)
- Problem with LHOST on exploits. egypt at metasploit.com (Apr 15)
- Message not available
- Problem with LHOST on exploits. Professor 0110 (Apr 15)
- Message not available
- Problem with LHOST on exploits. Professor 0110 (Apr 15)
- Problem with LHOST on exploits. Professor 0110 (Apr 14)
- Problem with LHOST on exploits. Anastasios Monachos (Apr 14)