Hello everyone. I am having an issue I am hoping someone here can help with. I am trying to create an executable though Shellter that uses a No-IP Domain. From what I gathered researching, the payload Reversetcpdns is needed for it to work. My issue is that Shellter does not have this payload but they offer you to use a Custom payload. I can create this custom payload in Metasploit but it does not work if the lhost is the No-Ip hostname. (It will work if I put the WAN IP as the lhost)
I do believe that the listener is set up correctly as if I go to the no-ip address with the port on my separate networked computer, it shows it sending the payload on Armitage. I have created a custom reversetcp and reversehttp and used them in Shellter and it works just fine as well. When I try to open the created executable with the reversetcpdns payload and an lhost of the hostname, all it does on the target computer is opens 2 or 3 processes, one .tmp and one or two .exe processes and then closes them after a few seconds. Any ideas on what is going wrong or what I can do to fix it?
2 Responses
Generate an executable from metasploit using the same exact settings as those used for generating the custom payload to use with Shellter.
Then, go on the 'victim' computer where I assume you have legitimate access to (otherwise you are in the wrong place) and run the generated executable from metasploit.
See if that works...
Figured out my issue and will post here in case anyone else has my same issue. When creating the payload in Metasploit I was putting http:// in front of my hostname. That is not needed and was causing it to not work correctly. Once it was removed, the payload worked.
Share Your Thoughts