Metasploit mailing list archives
Fw: The best way to make a backdoor.
From: talha.tariq at gmail.com (Talha)
Date: Wed, 16 Jan 2008 01:17:40 +0000
The windows resource kit comes with a small utility called srvany.exe that converts any win32 binary to run as a windows service. I have successfully tested it with a number of executables and it works pretty well. You can try the same with meterpreter. --Talha On 15/01/2008, base <adrian at inetb.com> wrote:
The windows service manager can not run just any executable as a service, the binary would need to support at least the basic windows service calls from the scm. To do this specifically you would need to include a compiled meterpreter payload in a custom-built windows service, or have it launched by a "service manager" type of service of which several free solutions exist. firedaemon anyone? ;(. On a side note, I really appreciate what meterpreter can do as of msf2, and I'm sure it's improved in msf3 but i have not had the chance to test. Juan Miguel Paredes wrote:If you have admin level access to the Windows (assuming XP), you can create a meterpreter executable with metasploit, upload it and then use the built in "sc.exe" command to create (or modify) a service: sc create backdoor binPath= c:\meterp.exe start= auto error= ignore type= interact On Jan 14, 2008 11:54 PM, Paris Jones <arckeda at yahoo.com <mailto:arckeda at yahoo.com>> wrote: Sorry if this is a double post, I don't know if I was signed up or not when I posted my first one. From: Paris Jones <arckeda at yahoo.com <mailto:arckeda at yahoo.com>> To: framework at metasploit.com <mailto:framework at metasploit.com> Sent: Monday, January 14, 2008 4:37:55 PM Subject: The best way to make a backdoor. Hello, first I would just like to say that I love this product, I think it is amazingly simple to use, and even though there could be abuse of it, I would recommend this to any security penetration testing trying to show how insecure Windows can be. I would like to know your opinions on the best way to make a backdoor using meterpreter. Would I edit the registry and put in a netcat command? How do I edit the registry on windows with meterpreter? Can I use meterpreter as a service on the victim computer? Also, I would like to know if metasploit includes any features for dynamic ip addresses, so I could connect to say my own domain or subdomain to access the ip, is there some program that will change a sub domain to the ip address of the victim computer that comes with metasploit? Thanks. -ARCKEDA ------------------------------------------------------------------------ Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. <http://us.rd.yahoo.com/evt=51733/*http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypao8Wcj9tAcJ%20> ------------------------------------------------------------------------ Looking for last minute shopping deals? Find them fast with Yahoo! Search. <http://us.rd.yahoo.com/evt=51734/*http://tools.search.yahoo.com/newsearch/category.php?category=shopping>
Current thread:
- The best way to make a backdoor. Paris Jones (Jan 14)
- <Possible follow-ups>
- Fw: The best way to make a backdoor. Paris Jones (Jan 14)
- Fw: The best way to make a backdoor. Juan Miguel Paredes (Jan 15)
- Fw: The best way to make a backdoor. base (Jan 15)
- Fw: The best way to make a backdoor. Talha (Jan 15)
- Fw: The best way to make a backdoor. Juan Miguel Paredes (Jan 15)