Government Security
Network Security Resources

Payload For Remote Control


8 replies to this topic

#1 root linux (Private, Members, 6 posts)

Posted 30 October 2010 - 11:37 PM

Hello everyone,
I have a problem: can I use a payload as remote control of a Windows PC, which I can control over Linux?
I think the meterpreter payload would be fine; it sends a remote shell back.

My question: Can I use a payload to control Windows with Linux? It should be like this: I send a special request to a special port and a remote shell will be sent back.

Could somebody help me?

Greetings, root linux

#2 Marts McFly (Second Lieutenant, 591 posts)

Posted 31 October 2010 - 08:32 PM

It doesn't matter that you are on Linux, provided your exploit and payload are both for Windows. In Metasploit, you can set this when you pick the exploit (set exploit windows/etc/etc/etc). And the payloads associated can give you a remote shell, or you can even get a VNC shell which actually will let you remotely control the Windows box.

So yeah, it doesn't matter if you are running Linux, meterpreter builds the session for you. Check out the 'Metasploit Unleashed' tutorial if you get stuck.

Certified Information Systems Security Professional (CISSP)

T: http://twitter.com/Marts_McFly

B: http://www.backtosecurity.com

#3 root linux (Private, Members, 6 posts)

Posted 02 November 2010 - 10:45 AM

Thanks a lot for your reply. Do you think I could write an .exe file which will open a port and start the meterpreter payload of Metasploit? (The code is available, as you know, so maybe I could execute it.) The big problem is to send a request or sth. to the port (or other connection possibilities), AND THEN THE ANSWER SHOULD BE A REMOTE SHELL.....

Do you think, it is possible?

Greetings, root linux

P.S.: Where is the Metasploit Unleashed Tut?

#4 Marts McFly (Second Lieutenant, 591 posts)

Posted 02 November 2010 - 03:41 PM

Yep, you can create a Metasploit payload which is a .exe which you can run on the victim's machine manually. Have a look at this tutorial; it gives you some good pointers:

Metasploit AV evasion [PDF]

Metasploit Unleashed tutorial: http://www.offensive...curity_Training

#5 root linux (Private, Members, 6 posts)

Posted 03 November 2010 - 07:15 AM

Thanks a lot. I will try it, and if it works, I will mark this thread as solved or close the thread (if it is possible).

Greetings, Lukas

#6 root linux (Private, Members, 6 posts)

Posted 03 November 2010 - 07:20 AM


Boaahh, thanks, that's exactly what I searched for.

#7 root linux (Private, Members, 6 posts)

Posted 04 November 2010 - 11:19 AM



Now I have another prob: EVERY .EXE and .VBS file will be detected as Trojan or Backdoor by AVIRA. Is there a way to hide the .exe trojan?

Greetings, root linux

(The vbs-macro will create an exe file, which will be detected; the vbs itself is not detected.)

Edited by root linux, 04 November 2010 - 11:20 AM.


#8 Marts McFly (Second Lieutenant, 591 posts)

Posted 04 November 2010 - 06:01 PM

To hide malicious files from being detected by AV, you can run them through some packers, but most common ones still get detected, I believe. Metasploit comes with msfencode, which is in that SANS paper I linked you. You can try running your .exe through msfencode and play with some variables and test if the new .exe gets detected. It's all trial and error when it gets to this point.

(have a search around for 'Anti Virus evasion techniques' and 'msfencode')

#9 root linux (Private, Members, 6 posts)

Posted 05 November 2010 - 07:21 AM

OK, thanks, I will try it.



