Home page logo

metasploit logo Metasploit mailing list archives

Re: meterpreter
From: "Nicolas Krassas" <krasn () ans gr>
Date: Wed, 23 Jun 2010 19:34:44 +0300

I'll go for the custom solution and try to strip out most of the things from the framework, I've limited file/directory 
access also in the system.

Thanks for you time Jonathan and the ideas I'm trying mosty to bounce some ideas to get my head running 


-----Original Message-----
From: Jonathan Cran [mailto:jcran () 0x0e org] 
Sent: Wednesday, June 23, 2010 6:50 PM
To: Nicolas Krassas
Cc: framework () spool metasploit com
Subject: Re: [framework] meterpreter

On Wed, Jun 23, 2010 at 10:12 AM, Nicolas Krassas <krasn () ans gr> wrote:
 Thanks for your reply I'm aware of the first 2 options none of them 
though is what I'm looking for. The service , metsvc  is dependent on 
the framework itself, also implies that I've the right to install a 
service,  and that is exactly what I don't :)

fyi, metsvc can run standalone (no need for a service install).

 i think i see what you're going for though. You're interested in getting SYSTEM on the box via meterpreter completely 
standalone - no incoming / outgoing control to the handler - or implementing a "local"
handler - you would need to implement something to drive the meterpreter dll's - currently this is implemented in ruby 
via the framework - i'm not aware of any other implementation.

As for the last one, as I mention the host is almost completely firewalled on outgoing connections.

In the case of the ncat.exe technique, you use the framework to connect _in_ to the host, if that helps. you can also 
specify an arbitrary port when you set up the backdoor. Port forwarding is your friend?

Not sure this is extremely helpful, but good luck.



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]