nemo_nihil Posted January 11, 2012 Posted January 11, 2012 I have seen a lot of articles on how to exploit a machine through some sort of java applet or exe embedded into another file type that calles back to the attacker and then run post exploit modules such as persistence.rb from there. The problem that I have with these exploits is that I need to have a listener and/or a machine hosting the exploit running somewhere else. Is it possible to have a standalone backdoor that can be interacted with at a more convenient time? (note this is with physical access unattended computer, etc)? Quote
Mr-Protocol Posted January 11, 2012 Posted January 11, 2012 You still need a basic client/server type connection. If you have a public server running a metasploit listener, then you can just ssh to the server and interact with the sessions there. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.