how to quit a shell gracefully?

[junkoi2004 at gmail.com (Jun Koi)]

hi Rob,

On Tue, May 12, 2009 at 10:08 PM, Rob Fuller <mubix at room362.com> wrote:
> Jun,
> ?? Lauri is right. However if you are trying to close the session for good,
> you are going to crash the process that you are in. I believe this is based
> on the EXITFUNC (Exit Function) that is used (SEH, Process, Thread).
> ?? But as a best practice, in my penetration testing, I migrate to a service
> (if possible - depending on level of access) that is marked to auto restart,

This part is interesting! Could you explain how to "migrate" to another service?
Does "migrate" mean "injecting shell into another process"?


> or just Explorer.exe if I am sure there isn't anyone with eyes on the
> desktop. Both ways provide you with a less visible crash and hopefully a
> still completely functional machine after you leave.

This makes a lot of sense, thanks!

J

> > Jun Koi wrote:
> > > hi,
> > >
> > > i am still learning how to use metasploit, so sorry for the stupid
> > > question here.
> > >
> > > i can exploit a remote Windows box, and now open a reverse shell
> > > (CMD.exe). however, i dont know how to quit the shell without crashing
> > > the remote process.
> > >
> > > i tried "exit" command, but then metasploit seems to hang.
> > > then i tried "Ctrl+C", and asked to abort the session. then the remote
> > > process crashed.
> > >
> > > i am sure there is a better way to do this without crashing the
> > > target. please anybody help?
> > >
> > > my case:
> > > - remote machine: Windows XP
> > > - metasploit runs on Linux
> > > - payload: windows/shell/reverse_nonx_tcp
> >
> > Ctrl+Z backgrounds the session. Then you can use sessions -l to list and
> > session -i number to return to the session.
> > _______________________________________________
> > https://mail.metasploit.com/mailman/listinfo/framework
>
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework