Jump to content

Problem When Trying To Backdoor Computer Outside The Network


Recommended Posts

well, i created file using windows/meterpreter/reverse_tcp payload that his LHOST is my external ip address(whatismyip.com) and the port is 4444

and on the machine i set the lhost to my inner ipv4 and the same port.

i open this port, and although when i open the file in other network and no session are open.

when i try the same with inner ip it works (when i try to backdoor my machine from the virtual machine).

you can see all in this picture:



tnx for reading hope u can help me guys :|

Edited by daven
Link to comment
Share on other sites

Disclaimer: I don't even want to know if you have permission to attack this other machine. It goes without saying, what you do, is at your own risk, so if you are attacking someone else's computer, that is on you.

Make the lhost, your external IP address and then either port forward the listing port to the internal machine, or put it in a DMZ.

We'll need to know your topology though to be certain what is what. 1, is the machine waiting for the connection a VM or physical box. If it is a VM, is it bridged to the physical network so it shares the same IP subnet as the router. 2, is the port forwarded to the VM or Physical machine waiting for the connection. For times like this, its often best to put your attacking machine, in a DMZ, just so it doesn't run into any issues with NAT and port forwarding or the router dropping unsolicited packets(built in firewall), and 3, do you know for certain the target machine outside of the network is compromised or vulnerable to attack? If you get no session when attacking, it sounds like the target is not vulnerable.

Link to comment
Share on other sites

OK, thanks for answering first of all I'm attacking my self i got 2 houses so I'm attacking my computer in the outside network.

I just want to learn pen testing, security networking...

and also learn how to protect my self against hackers by learning all these.

i made the lhost to my external IP in the file.

in the machine i set it as my inner IP address 192.168...

about 1 - its VM and its bridged to the physical network.

2 - yes the port waiting for the connection as u can see in the picture, in the background there is the page of my router's open ports.

3 - its the same computer as mine and if i can attack mine ( there NO AV ) and if i can do it on my self in the network and its work so i guess it should work either on the "victim"(me). according to this the only thing i can do is to put the VM in the DMZ ;x?

Link to comment
Share on other sites

Is the target behind a router or NAT? If so, you need to find a way to reach it first, such as having a web page the victim can surf to, then make that trigger the exploit and send off your payload from there. Otherwise, the victim needs to be in a DMZ or directly reachable via the internet. Other ways to do it, open a PDF on the victim machine with a payload that points back to you.

Edited by digip
Link to comment
Share on other sites

The PDF attack would definitely work, even if the victim is behind a firewall/NAT. Just use Metasploit to embed a reserve_shell in the PDF. Make sure to use either port 80 or 443, as most firewalls don't block these ports by default.

Edited by Infiltrator
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...