Hello together,
I started experimenting with metasploit and the payloads of it on android. Currently I am wondering what are the differences between reversetcp and reversehttps. Is there any advantage of one of them over the other? I read that if you are using reversehttps you can use a name instead of an Ip-adress.
Thanks for your help :)
Forum Thread:
Gaining Access into the Victim's Whatsapp on Android
12
Replies
Forum Thread:
Whatsapp Hack?
19
Replies
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
Forum Thread:
How to Hack School Website
11
Replies
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
How To:
Crack SSH Private Key Passwords with John the Ripper
How To:
Dox Anyone
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Brute-Force Nearly Any Website Login with Hatch
How To:
Perform a Pass-the-Hash Attack & Get System Access on Windows
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Crack Shadow Hashes After Getting Root on a Linux System
How To:
Enumerate SMB with Enum4linux & Smbclient
How To:
Hack Coin-Operated Laudromat Machines for Free Wash & Dry Cycles
How To:
Use Kismet to Watch Wi-Fi User Activity Through Walls
How To:
Scan for Vulnerabilities on Any Website Using Nikto
How To:
Use SpiderFoot for OSINT Gathering
How To:
Automate Wi-Fi Hacking with Wifite2
How To:
Hack WiFi Using a WPS Pixie Dust Attack
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
Hack Like a Pro:
How to Find Directories in Websites Using DirBuster
How To:
Spy on Traffic from a Smartphone with Wireshark
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
2 Responses
The reverse https payload is used when there are some firewalls restrictions or DPI. The reversehttpsmeterpreter payload is like a standard meterpreter payload, infact if you sniff with wireshark, it looks like normal HTTPS traffic. For this reasons, you can have encrypted traffic and you can bypass deep packet inspectors.
If I'm correct it doesn't matter if it's a reverseTCP or an reverseHTTP. Since both is coming from the victim computer back to the attacker. Which means the firewall think it's fine since the victim started the connection. The only different is probably that the HTTPS one go via the port 443, which as you said makes it looks like encrypted website requests and communication.
Share Your Thoughts