I searched about it but couldn't find anything..=.=

Suppose I get a meterpreter session or a shell... how can I open a port I want on the victim PC??

If you want to port forward in LAN, simply open a port on their firewall, or disable the firewall altogether (the latter is not recommended).

If you want to port forward on WAN, you need to open that port in the firewall + log in to the router as admin and port forward there to the port you just opened on the exploited machine.


I know that I have to do that...
But the question is how... what commands do I use??

Thanks for that.. but from the router??

Is there a way to use a cmd or meterpreter command to open a port in that??

If not, then how do I log in to the router on the victim PC??

Use the ipconfig command, then open a VNC connection to the target (make sure the target is idle), and then surf to the default gateway, which you got using the ipconfig command.


Thank you!!

One last question..
Does bind-tcp require only the port in the firewall to be opened, or do I have to port forward the router too for it??

If you are connecting over WAN (the internet) you will also need to port forward the router.


What is the purpose? What are you opening a port for? Give a scenario and there might be a different way. If you already rooted the box and have a reverse tcp session, what more are you trying to do?

I want a bind-tcp for anonymity...
Thanks to pheonix!! ;);)

Like se7enpeace mentioned, using a bind-tcp payload allows you to connect to it through proxies, which is not possible with a reverse-tcp.


Is there no other way without opening a port?? Or without bind tcp??

Off the top of my head-

Get the client/host to initiate the connection.

Install/develop an exploit that will call home every x seconds and wait for a command to be issued to start a session.

Use UDP instead of TCP.

Think outside of metasploit or develop your own metasploit script.


Ultimately - and the basis of my question - what are you trying to do? Steal files? Remote control? Steal passwords? Open and close their CD-ROM until the feds come? You should have a specific objective in mind when you compromise a host - get in, execute your objective, clean your activities, get out without getting caught.

That is advanced stuff right there, I just didn't think se7enpeace was that advanced. (Not trying to judge.)


I'm not that advanced lol..
But I'll learn..
Thanks for your reply!!


Well, there might be other ways, but not ways that I know of...


