Re: client-side exploitation over the internet

[Matt Gardenghi <mtgarden () gmail com>]

Some instructions here:  http://www.skullsecurity.org/blog/?p=261

On 4/5/2010 9:05 AM, Wasim Halani wrote:
> Hi all,
>
> Is it possible to create MSF payloads in a manner so that it is able 
> to 'connect back' over the NAT.
> My scenario is as shown below.
>
> Victim----- Firewall ---- Internet----- ADSL_Router(NAT) -----Attacker
>
> I am currently using a reverse shell embedded in a PDF (CVE 2010-0188)
> I have given the router's public IP as the LHOST for the payload and 
> my internal IP as the LHOST for the multihandler.
> This normally wouldn't be the proper values (both LHOSTs should match)
> I tried to port-forward to my internal system. It didn't work.
> But is there any other way to get this working.
>
> If this is not possible, can anyone suggest a mechanism which will 
> help me identify (uniquely) if a victim machine has been
> compromised (even if I don't gain access to it).
>
> Thanks !
> ---
> Wasim
> http://securitythoughts.wordpress.com
> ----------
> To keep silent when you can say something wise and useful is as bad as 
> keeping on propagating foolish and unwise thoughts. -- Imam Ali (p.b.u.h.)
>
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
>    
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework