Metasploit mailing list archives
Reverse Connections through a Compromised Host
From: "Demetris Papapetrou" <dpapapetrou () internalaudit gov cy>
Date: Thu, 22 Jan 2015 12:07:24 +0200
Dear list members, When I try to exploit a machine via an already established pivot point on a compromised host and set the payload to meterpreter/reverse_tcp I get the following message during exploitation [*] Started reverse handler on [compromised host] via the meterpreter on session [pivot session]". This means that somehow Metasploit or more specifically meterpreter opens some kind of a listener on the compromised host which receives the reverse_tcp connection and forwards it through the pivot session to the attacker's machine. What I would like to know is which part of Metasploit/Meterpreter is responsible for this listener/forwarding functionality and whether I could use it outside of an exploit attempt (e.g. as a standalone listener service that backdoors on other machines with no direct access to the Internet could use to reach me)? Thank you all in advance for your replies. Demetris
_______________________________________________ https://dev.metasploit.com/mailman/listinfo/framework
Current thread:
- Reverse Connections through a Compromised Host Demetris Papapetrou (Jan 22)