
meterpreter reverse_tcp question


devrand0m


Just wondering if the meterpreter reverse_tcp payload can connect back to a local host that doesn't have Metasploit installed. Is there a standalone handler/listener that can work with meterpreter, or do I need to do a full install of Metasploit? Can programs like netcat listen for a meterpreter inbound connection?

BTW, are there any Metasploit/pentesting forums around that are any good? I looked on Rapid7, but they have some sort of curated knowledge base, not really a forum.


I've not tried it but you could probably use msfvenom to build a binary using multi handler and the payload and then run that on the machine you want to listen on. You would need a full Metasploit install to create the binary but it wouldn't need to be on the listening machine.


You can set netcat to listen, and when it connects back, you will see the connection, but not be able to interact with it. Sometimes funky characters come back in the console (from what I recall), but not always.

If it's not Metasploit communicating with it, it won't set up the session properly when meterpreter-based payloads are used. If using meterpreter-based payloads, as far as I know, you need to be listening in Metasploit to handle the session (or Armitage, which is just a GUI base for Metasploit, just an example), but maybe there are options to change that in msfvenom when creating the payload, or just use a generic one that is not meterpreter-based instead. When you use a meterpreter-based shell, Metasploit looks for specific hooks to send a stager back over, which are also architecture-based, i.e. x86 meterpreter shell vs x64-based, and handle the connection differently in how it gets executed on the victim machine and to the attacker.

Edited by digip