Wednesday, February 29, 2012

Meterpreter Backdoor

Again, meterpreter is the most convenient payload to use. Part of the hacking framework is creating a backdoor for later use so we don't need to go through normal attack to access the system again. Meterpreter can make a backdoor on a system that we've successfully exploit. Make us can get a meterpreter shell anytime we want. Cool right..  :D
There's a module called "metsvc" that will create a persistent backdoor on a system. This module is created by Alexander Sotirov. Read more here One thing to keep in mind, metsvc requires no authentication. This means anyone can access our backdoor if they know the port that we use. This is not a good thing if you are performing a real pentest.

Ok, here's how to use 'metsvc' module on meterpreter to create a backdoor.

- First you need to get a meterpreter shell.

- To see the usage of the metsvc type this command
meterpreter > run metsvc -h

- Ok, lets run it
meterpreter > run metsvc
- By default it will create a listening meterpreter on port 31337, and stored the executable files at C:\DOCUME~1\Agoes\LOCALS~1\Temp\...

Thats it, the metsvc service is now listening and ready to be used.  
To know how to use it you can go here.

"the quieter you become, the more you are able to hear.."


Post a Comment