Hi Folks, i have a few questions about metasploit, you see all the tutorials on using your home network but nothing on the real world.
learning on your home network is good but building your own house doesnt make you a builder.
I have the opportunity to try and gain access into a remote computer with permission of the owner and now im stuck,
So when using metaspoit, you put in a RHOST & LHOST, when i connect to a computer within my network the RHOST is my private ip address within that network, 192.168.0.# and so on, easy peasy - But what about when i connect to a different computer on a different network, the remote host i think would become my public ip address which leads back to myself obviously,
So here are my questions.
- When connecting to a remote computer i will be using my public ip address which is traced back to me, how do people prevent this?
- i think but not 100% but when using a VPN or proxy the ip address is dynamic so the RHOST would need to change, so how do you connect back to that machine?
- Or i am completely missing the point?
2 Responses
A VPN should work, but if you're using reverse connection proxies won't work.
-Defalt
Since you've been practicing against your own network, I think you might be confused. Your RHOST is the ip address of the target you are attacking.
This article will help you about setting up your LHOST, because it's your LHOST that will be used to connect back. https://github.com/rapid7/metasploit-framework/wiki/How-to-use-a-reverse-shell-in-Metasploit
Hope this helps :D
Share Your Thoughts