Maybe there are loads of tutorials about this on here and I'm not correctly identifying them as such.
But let's say I get a reverse meterpreter shell on a remote Windows machine, and I want it to be persistent. I have to tell it where to "call home," right? Which means I need a stable IP and a dedicated port.
That's fairly easy if I want to use my home internet connection -- but if they sniff that traffic or find an artifact and reverse engineer it, I'm screwed. So how do I keep the "call home" bit anonymous?
All I've got is to purchase a VPS with bitcoin, but that seems... kind of flimsy.
What's a way to:
1) Use Kali and Metasploit for remote access on Windows
2) Without leaving a trail directly to my router?
Edit to clarify: I mean reverse shells -- I saw a response on here the other day recommending binding connections instead, which is helpful, but I'm hoping for alternatives.
2 Responses
Could hack a server and use that like a proxy. Make the reverse shell call the server. You would then connect to the server through anonymizing services (Proxy chains, Tor).
Use a dynamic IP maybe?