karencho Posted February 18, 2016 Posted February 18, 2016 Heloo again,can someone help me ,is there is some programm that can be installed on Windos OS (not backdoor or some generated payload ) ,some chat,filemanager or something that have vurnabillity ,so after installing on windows i could exploit it from Metasploit? And one more question ,i have installed a generated payload on my computer but after i reboot it Metasploit framework cannot conect to that session,how i have to build payload so it always ,even after turning off or reboting compute, was connecting to my Kali linux PS ? thank you Quote
karencho Posted February 21, 2016 Author Posted February 21, 2016 no one can help?please i need to know how can i connect to computer that has installed meterpreter payload Quote
b0N3z Posted February 21, 2016 Posted February 21, 2016 I personally dont know how I havent played with metasploit to much yet but be patient im sure somebody will answer soon enough. Google all sorts of different things for your situation, you might find something that will help you figure it out. Quote
Rainman_34 Posted February 21, 2016 Posted February 21, 2016 Ability Server is a great one to put on your windows machine if you are looking for vulnerable software to exploit. Very easy one with lots of tutorials on how to exploit and get a reverse shell. It will not leave a permanent back door unless you use metasploit to install one. Ability can only be exploited when it is running. Quote
karencho Posted February 21, 2016 Author Posted February 21, 2016 Ability Server is a great one to put on your windows machine if you are looking for vulnerable software to exploit. Very easy one with lots of tutorials on how to exploit and get a reverse shell. It will not leave a permanent back door unless you use metasploit to install one. Ability can only be exploited when it is running. thanks for reply ,Ability FTP Server did you mean that programm? i found this exploit Ability FTP 2.34 Stack-based Buffer Overflow but it is only on unix yes? can you give me a tut link thanks for it Quote
Guest Posted February 25, 2016 Posted February 25, 2016 You can browse the exploits database at https://www.exploit-db.com/remote/and look for remote exploits for programs that you would like to exploit. Or use the search function to find exploits to a specific program, for example vnc. I believe all these exploits are already incorporated in metasploit, As for your second question, I'm not sure I understand what you mean, but just copying a payload onto another computer is not enough, it needs to be executed at each reboot of that computer. So you want to learn where exactly on a computer you place the payload so that it is started when the computer starts. Quote
karencho Posted February 25, 2016 Author Posted February 25, 2016 You can browse the exploits database at https://www.exploit-db.com/remote/and look for remote exploits for programs that you would like to exploit. Or use the search function to find exploits to a specific program, for example vnc. I believe all these exploits are already incorporated in metasploit, As for your second question, I'm not sure I understand what you mean, but just copying a payload onto another computer is not enough, it needs to be executed at each reboot of that computer. So you want to learn where exactly on a computer you place the payload so that it is started when the computer starts. i know but when i am builting payload in veil or msfvenom what i should do so it will connect back to my kali linux computer? and one more thing when i am using public ip should be port forwarded on the victims machine? Quote
updatesvc Posted March 1, 2016 Posted March 1, 2016 (edited) look for a program wrapper to force add to startup programs What i think you want is a trojan option 2 You can create a batch file to autoamtically create a shortcut of the payload.exe to the default startup folder location and then merge the batch file with the virus Edited March 1, 2016 by updatesvc Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.