Re: Meterpreter bind tcp payload

[egypt () metasploit com]

On Tue, Aug 30, 2011 at 4:34 AM, Eric <dkn4a1 () gmail com> wrote:
> On Tue, Aug 30, 2011 at 2:37 AM, HD Moore <hdm () metasploit com> wrote:
> > On 8/29/2011 6:07 AM, Eric wrote:
> > > Hello all,
> > >
> > > Could be a noob question, but how a system which gets exploited
> > > successfully and having meterpreter/bind_tcp as its payload, is
> > > supposed to be connected to a server running multi/handler. Or is the
> > > multi/handler which has to connect to the exploited system, if so,
> > > how?
> >
> > The exploit starts the payload handler, which automatically connects to
> > the bind listener. If you create a bind_tcp executable you would need to
> > use a multi/handler - the same way as you normally do reverse_tcp,
> > except you would need to specify the RHOST.
>
> Oh. But, isn't that very much similar with reverse_tcp?
>
> Imagine a scenario, where I don't have a static IP address and I have
> distributed bind_tcp executables.
> I want to connect to exploited systems on my own, and don't really
> wish to use shell/bind_tcp.
>
> So, according to you, using meterpreter/bind_tcp is not possible in
> this scenario?

It's possible only if you know the IP address of every victim, which
is implausible in most situations.  It also leaves backdoors sitting
around waiting for whoever connects to them.

egypt
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework