Metasploit mailing list archives

Re: meterpreter


From: Matt Gardenghi <mtgarden () gmail com>
Date: Wed, 23 Jun 2010 11:50:41 -0400

metsvc has a memory leak and is really buggy. Don't use it unless you have to...

On 6/23/2010 11:49 AM, Jonathan Cran wrote:
> On Wed, Jun 23, 2010 at 10:12 AM, Nicolas Krassas <krasn () ans gr> wrote:
>> Thanks for your reply. I'm aware of the first 2 options; none of them, though, is what I'm looking for. The service, metsvc, is
>> dependent on the framework itself, and also implies that I've the right to install a service, and that is exactly what I don't :)
>
> FYI, metsvc can run standalone (no need for a service install).
>
> I think I see what you're going for, though. You're interested in
> getting SYSTEM on the box via meterpreter completely standalone - no
> incoming / outgoing control to the handler - or implementing a "local"
> handler - you would need to implement something to drive the
> meterpreter DLLs - currently this is implemented in Ruby via the
> framework - I'm not aware of any other implementation.
>
>> As for the last one, as I mention, the host is almost completely firewalled on outgoing connections.
>
> In the case of the ncat.exe technique, you use the framework to
> connect _in_ to the host, if that helps. You can also specify an
> arbitrary port when you set up the backdoor. Port forwarding is your
> friend?
>
> Not sure this is extremely helpful, but good luck.
>
> jcran
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


