Hey guys so I'm pretty new and I have a few questions that I was hoping some of you could help me answer...
- How exactly is one supposed to target a client behind a router? I mean if we can obtain their router's public IP, do we need their MAC address too? Or their internal IP? (Wouldn't this change due to DHCP?). Also, assuming we have both their internal and external IP address, which do we set as the RHOST, and how would the configuration of parameters for a WAN victim be different from that of a LAN victim?
- How would I still set my LHOST for exploits if I were using proxychains and attacking over WAN? (Internal/ external/ IP of first proxy? I'm practising in VirtualBox and thus am ignorant to this)
- My victim is an admin account in another virtual Windows PC. Is it abnormal that I do not have system privileges after I exploit it? 'getsystem' does not work unless I click 'run as admin'. If running as administrator is the only way for getsystem to work, is there a way to configure the payload to only be openable as admin? (I'm using a payload created with veil-evasion)
- Finally, and most importantly, I'm having alot of trouble creating a persistent backdoor. After following countless guides inside and outside of nullbyte (Includint OTW's guide), I have not been able to make a backdoor. I followed all the steps and all the expected messages pop up, but when I background the current meterpreter session and list all sessions, only one pops up. I tried making the port the same as my exploit, and making it different, all of which did not work. No sessions are established after the 'reboot' command is given.
Thank you for taking the time to read all of that and thank you for sharing your knowledge! Cheers.