Handler binding to LHOST 0.0.0.0

[mr.r.birtles at gmail.com (ricky-lee birtles)]

Thanks Ricardo,

I did have a look through past questions asked but not been signed up
to the mailing list that long.

Well that explains it anyway.

Thanks
-- Mr R Birtles



2009/9/13 Ricardo F. Teixeira <ricardo.teixas at gmail.com>:
> Quoting egypt
> > With all of its listeners, metasploit first tries to bind?0.0.0.0,
> > the?'any' address which will work on all interfaces. ?If that fails, it?will
> > try the specific LHOST that you gave it. ?The reason for trying?all
> > interfaces first is the scenario when LHOST is a different IP from?the
> > attack platform.
>
>
> > This will happen in the case of a NATing gateway?that forwards a
> > particular port to your box, or when setting up?exploit/multi/handler to
> > catch shells on a different machine from the?one sending exploits.
>
>
> > The local IP you're seeing there is determined after the bind happens.
> >
> > Since the listener bound to all interfaces, the local IP will appear?to be
> > whichever one has a default gateway.
>
>
> > Hope this helped,
> >
> > egypt
>
> If you still have doubts, just ask (again) :)
> --
> Ricardo F. Teixeira
>
> uid: ?0x5BBD1456
> On Sun, Sep 13, 2009 at 12:42 PM, ricky-lee birtles <mr.r.birtles at gmail.com>
> wrote:
> > I have started playing with the autopwn feature in msf and noticed
> > every time I use the -r switch with db_autopwn regardless to what
> > LHOST is set to msf bind to 0.0.0.0 (I have a global LHOST variable
> > setg). I have tryed setting LHOST just before I run db_autopwn and
> > still find it binds to 0.0.0.0.
> >
> > Is anyone else having this happen? Any one found a way to make
> > msf/autopwn work correctly?
> >
> > Thanks,
> > -- Mr R Birtles
> > _______________________________________________
> > https://mail.metasploit.com/mailman/listinfo/framework
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework