how to quit a shell gracefully?

[mubix at room362.com (Rob Fuller)]

Jun,
   Lauri is right. However if you are trying to close the session for good,
you are going to crash the process that you are in. I believe this is based
on the EXITFUNC (Exit Function) that is used (SEH, Process, Thread).

   But as a best practice, in my penetration testing, I migrate to a service
(if possible - depending on level of access) that is marked to auto restart,
or just Explorer.exe if I am sure there isn't anyone with eyes on the
desktop. Both ways provide you with a less visible crash and hopefully a
still completely functional machine after you leave.

Hope this helps,

--
Rob Fuller | mubix | Room362.com | Hak5.org

On Tue, May 12, 2009 at 6:22 AM, Lauri Kiiski <lkiiski at niksula.hut.fi>wrote:

> Jun Koi wrote:
>
> > hi,
> >
> > i am still learning how to use metasploit, so sorry for the stupid
> > question here.
> >
> > i can exploit a remote Windows box, and now open a reverse shell
> > (CMD.exe). however, i dont know how to quit the shell without crashing
> > the remote process.
> >
> > i tried "exit" command, but then metasploit seems to hang.
> > then i tried "Ctrl+C", and asked to abort the session. then the remote
> > process crashed.
> >
> > i am sure there is a better way to do this without crashing the
> > target. please anybody help?
> >
> > my case:
> > - remote machine: Windows XP
> > - metasploit runs on Linux
> > - payload: windows/shell/reverse_nonx_tcp
>
> Ctrl+Z backgrounds the session. Then you can use sessions -l to list and
> session -i number to return to the session.
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20090512/38694e56/attachment.htm>