[framework] Place a Meterpreter backdoor
BardoBaggins
bardo at mclink.it
Sat May 12 12:45:44 CDT 2007
Tnx both of you :)
I thought that just placing a register key to execue it on boot would
have done the trick. I'll check out the solution you told me and then
report :)
Bye !
Bardo
Ramakrishna Nyayapathi wrote:
> Hi,
>
> You could try to install it as service..
> check out instsrv.exe/srvany.exe from winxp admin toolkit. Also sc.exe
> and reg.exe would be handy I guess.
>
>
> On 5/11/07, * Kurt Grutzmacher* <grutz at jingojango.net
> <mailto:grutz at jingojango.net>> wrote:
>
> On Fri, May 11, 2007 at 03:58:09PM +0000, BardoBaggins wrote:
> > Thanks!
> > That was EXACTLY what I wanted to know :)
> > tried out adn worked perfectly... except for a little issue. If
> I try to
> > NMAP (SYN Scan) the 4444 port on the remote host to check if
> it's open,
> > the backdoor process crashes. This happened on a WinXP SP2 Italian.
>
> Unless you install it as a service or write a wrapper to daemonize it
> the process will crash without valid stage loaders. Meterpreter,
> while
> awesome in what it does, is no persistent backdoor/rootkit. :)
>
>
> --
> ..:[ grutz at jingojango dot net ]:..
> GPG fingerprint: 5FD6 A27D 63DB 3319 140F B3FB EC95 2A03
> 8CB3 ECB4
> "There's just no amusing way to say, 'I have a CISSP'."
>
>
More information about the framework
mailing list