pierre Posted June 7, 2016 Share Posted June 7, 2016 Hello, Habitually with Metasploit, i do this: 1.Pick an exploit 2.Setting exploit options 3.Pick a payload 4.Setting payload options 5.Run exploit 6.Connecting to the remote 7.Performing post-exploitation process But then I discovered that I can do this: 1.Create a .exe payload with options 2."use multi/handler" in metasploit 3.Setting handler options 4.Wait for a vitcim payload execution 6.Connecting to the remote 7.Performing post-exploitation process What is "multi/handler" ?? Quote Link to comment Share on other sites More sharing options...
digininja Posted June 7, 2016 Share Posted June 7, 2016 Multi handler just starts the payload receiver and waits for a connection or connects out. It is used when you are connecting in from things like exe's or web shells. Quote Link to comment Share on other sites More sharing options...
pierre Posted June 8, 2016 Author Share Posted June 8, 2016 (edited) So no exploit are needed, only a payload ? The exploit is the human himself by launching the payload ? Edited June 8, 2016 by tot94 Quote Link to comment Share on other sites More sharing options...
digininja Posted June 8, 2016 Share Posted June 8, 2016 You need a way to run the payload, be that through an exploit or just built into an executable. Quote Link to comment Share on other sites More sharing options...
pierre Posted June 8, 2016 Author Share Posted June 8, 2016 Ah ok thanks I didn't understand it in that way... Thanks you very much Quote Link to comment Share on other sites More sharing options...
i8igmac Posted June 8, 2016 Share Posted June 8, 2016 a buffer over flow for a ftp server for example, you have to configure the exploit module and include a payload. The exploit module will craft a large packet that will trigger the buffer overflow, metasploit will generate the payload and place the shellcode inside this Large packet and send it off... the exploit module will launch the packet onto the network using the ftp protocal and also configure the payload multi handler to handle the payload with metasploit sockets. multi handler is simply a module that can be configured to handle payloads. Quote Link to comment Share on other sites More sharing options...
pierre Posted June 9, 2016 Author Share Posted June 9, 2016 Thank you I fully understand how it works now, the big difference between exploit & payload :) Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.