Metasploit mailing list archives
Place a Meterpreter backdoor
From: bardo at mclink.it (BardoBaggins)
Date: Sat, 12 May 2007 17:45:44 +0000
Tnx both of you :) I thought that just placing a register key to execue it on boot would have done the trick. I'll check out the solution you told me and then report :) Bye ! Bardo Ramakrishna Nyayapathi wrote:
Hi, You could try to install it as service.. check out instsrv.exe/srvany.exe from winxp admin toolkit. Also sc.exe and reg.exe would be handy I guess. On 5/11/07, * Kurt Grutzmacher* <grutz at jingojango.net <mailto:grutz at jingojango.net>> wrote: On Fri, May 11, 2007 at 03:58:09PM +0000, BardoBaggins wrote: > Thanks! > That was EXACTLY what I wanted to know :) > tried out adn worked perfectly... except for a little issue. If I try to > NMAP (SYN Scan) the 4444 port on the remote host to check if it's open, > the backdoor process crashes. This happened on a WinXP SP2 Italian. Unless you install it as a service or write a wrapper to daemonize it the process will crash without valid stage loaders. Meterpreter, while awesome in what it does, is no persistent backdoor/rootkit. :) -- ..:[ grutz at jingojango dot net ]:.. GPG fingerprint: 5FD6 A27D 63DB 3319 140F B3FB EC95 2A03 8CB3 ECB4 "There's just no amusing way to say, 'I have a CISSP'."
Current thread:
- Place a Meterpreter backdoor BardoBaggins (May 10)
- Place a Meterpreter backdoor Ramakrishna Nyayapathi (May 10)
- Place a Meterpreter backdoor BardoBaggins (May 11)
- Place a Meterpreter backdoor Kurt Grutzmacher (May 11)
- Place a Meterpreter backdoor Ramakrishna Nyayapathi (May 11)
- Place a Meterpreter backdoor BardoBaggins (May 12)
- Place a Meterpreter backdoor godzeye godzeye (May 14)
- Place a Meterpreter backdoor BardoBaggins (May 11)
- Place a Meterpreter backdoor Ramakrishna Nyayapathi (May 10)