[framework] Handeling multiple reverse shell sessions.
Abhijeet Hatekar
abhi.hatekar at gmail.com
Fri Oct 19 11:35:10 CDT 2007
thanks for your help guys...i coded it successfully.
Thank you,
On 10/19/07, Cyberheb <cyb3rh3b at gmail.com> wrote:
>
> abhi,
>
> I think patrick has answered the question clearly, the need for ur case is
> a handler, in this case it should be reverse_tcp handler which will handle
> ur reverse shell from each successful target. Just like patrick pointed out,
> take a look at:
>
>
> http://www.metasploit.com/svn/framework3/trunk/lib/msf/core/handler/reverse_tcp.rb
>
> start_handler method should satisfied ur question then...
>
>
> On 10/18/07, Abhijeet Hatekar <abhi.hatekar at gmail.com> wrote:
> >
> > Thank you for your quick responses. I got how metasploit does it but as
> > i am not using metasploit, i cant utilise this information.
> >
> > Following is what i am trying to do.
> >
> > I have written an mass explaoitation module which works somewhat like
> > db_autopwn - scans network for alive hosts, does port scan and runs
> > fingerprint(OS/Device) detection of them.
> > Store this information in database and then execute an exploit (from
> > repository) suitable for a host. All the exploit uses reverse shell
> > shellcode (port 12345).
> >
> > The only thing pending is - how to catch the reverse shell? I dont want
> > to use netcat. Want to write own server which will listen on port 12345 and
> > serve all the catched shell.
> >
> > If you can point me to some link or some code snippet will be great
> > help.
> >
> > Thank you,
> >
> >
> >
> > On 10/17/07, mmiller at hick.org < mmiller at hick.org> wrote:
> > >
> > > On Wed, Oct 17, 2007 at 09:17:54PM +1000, Patrick Webster wrote:
> > > > Hi Abhie,
> > > >
> > > > Metasploit Framework uses an internal handler to manage sessions.
> > > >
> > > > Take a look at:
> > > >
> > > > http://www.metasploit.com/svn/framework3/trunk/lib/msf/core/handler/
> > > >
> > > > e.g.
> > > >
> > > > http://www.metasploit.com/svn/framework3/trunk/lib/msf/core/handler/reverse_tcp.rb
> > >
> > >
> > > One thing to add: The handlers (mainly the reverse_tcp handler)
> > > included in Metasploit already support handling multiple
> > > sessions. The
> > > handler used by a given exploit will run until the exploit has
> > > completed
> > > and will accept as many connections as possible during that
> > > time. This
> > > is most commonly used in passive exploits, such as browser exploits.
> > >
> >
> >
> >
> > --
> > Abhie
> > ----r00t Is stAt3 0f mInD---
> > http://bughira.sf.net
> >
>
>
--
Abhie
----r00t Is stAt3 0f mInD---
http://bughira.sf.net
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://spool.metasploit.com/pipermail/framework/attachments/20071019/4b650039/attachment.htm
More information about the framework
mailing list