
Thread: Metasploit Remotely?

  1. #11
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188
    Quote Originally Posted by dinowuff View Post
    You should be able to use a reverse payload, set LHOST to the IP of your router (external) and forward LPORT to your host. Or just use a bind payload if the target is not firewalled.

    I think...

    You could always use Meterpreter for key logging purposes; however, I don't think that is what you are looking for.
    This is exactly right. Although, if your target has a firewall/router, it will limit the exploits you can use for your attack. There would have to be port forwarding set up to allow you to attack specific vulnerabilities. You would most likely have to involve user-interaction. [opening an attachment, plugging in a USB key, visiting a malicious site, etc.]

    One other suggestion, is to make use of port 80. Most firewalls don't block outbound port 80, so it will just blend in with other web traffic. If the sysadmin sees port 4444 in the logs, it would probably throw up a red flag.
    "Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink."

    -HST
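
The sysadmin's side of the observation in post #11, as an added example that is not part of the thread: a port allow-list catches the 4444 connection but not a non-HTTP session on port 80, so the check below also compares each flow's identified protocol with what the port should carry. The log format, the `app` field and the `EXPECTED_APP` policy are assumptions constructed for illustration.

```python
import re

# Constructed egress firewall log lines (hypothetical format, not from a real product).
SAMPLE_LOG = """\
2010-06-04T15:01:12 ALLOW out src=10.0.0.23 dst=203.0.113.7 dport=4444 app=unknown
2010-06-04T15:01:40 ALLOW out src=10.0.0.41 dst=198.51.100.20 dport=80 app=http
2010-06-04T15:02:05 ALLOW out src=10.0.0.23 dst=203.0.113.7 dport=80 app=unknown
2010-06-04T15:02:30 ALLOW out src=10.0.0.17 dst=198.51.100.99 dport=443 app=tls
2010-06-04T15:03:11 ALLOW out src=10.0.0.41 dst=198.51.100.20 dport=80 app=http
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<action>\S+) out (?P<kv>.+)$")

# Assumed egress policy: the application protocol expected on each allowed port.
EXPECTED_APP = {53: "dns", 80: "http", 443: "tls"}


def parse(line):
    """Turn one log line into a dict, or return None if it does not match."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    rec = dict(pair.split("=", 1) for pair in m.group("kv").split())
    rec["ts"] = m.group("ts")
    rec["dport"] = int(rec["dport"])
    return rec


def findings(log_text):
    """Return (src, dst, dport, reason) for every outbound flow worth a look."""
    out = []
    for line in log_text.splitlines():
        rec = parse(line)
        if rec is None:
            continue
        expected = EXPECTED_APP.get(rec["dport"])
        if expected is None:
            reason = "unexpected-egress-port"   # e.g. 4444: visible to a port rule
        elif rec["app"] != expected:
            reason = "protocol-mismatch"        # right port, wrong protocol on it
        else:
            continue
        out.append((rec["src"], rec["dst"], rec["dport"], reason))
    return out


if __name__ == "__main__":
    for finding in findings(SAMPLE_LOG):
        print(finding)
```
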

  2. #12
    Super Moderator: GMT Zone nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,192
    @ the OP:

    Obviously Metasploit is a powerful tool. However, all Metasploit tutorials that I've seen are based on using Metasploit from within a subnet.
    Hey fellah! you have to start somewhere, and they (Metasploit) went for the core?

    Who knows what will happen in the next 12~18 months?

    In the meantime, I see my friends have given you some possibly useful
    alternatives?

    Good Luck!
    If you cannot do someone any good: don't do them any harm....
    As long as you did this to one of these, the least of my little ones............you did it unto Me.
    What profiteth a man if he gains the entire World at the expense of his immortal soul?

  3. #13
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Location
    Flint, MI
    Posts
    2,884
    Firewalking is your friend.
    "Ignorance is bliss....
    but only for your enemy"
    -- souleman

  4. #14
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    So is Hydra, Hping, and IPSorcery
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  5. #15
    Senior Member
    Join Date
    Dec 2003
    Location
    Texas
    Posts
    158

    difference

    Quote Originally Posted by CyberB0b View Post
    Just wanted to mention that this is not a hacking site.
    The difference between a hacker and a security expert is choice of what to do with the knowledge gained and/or how you gain the knowledge in the first place.
    Last edited by romanticcowboy; June 4th, 2010 at 03:10 PM. Reason: more true of a statement
    im a Steve Wozniak in a bill gates world

  6. #16
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,250
    Quote Originally Posted by romanticcowboy View Post
    The difference between a hacker and a security expert is choice of what to do with the knowledge gained and/or how you gain the knowledge in the first place.
    I have to disagree with that.

    I use coffee in a way it was not designed. I use it to capture facebook chats. In essence I have hacked coffee.

    I use wireshark and nmap to test my firewall rules. Meaning I use these tools as they were designed to be used.

    Hacking is more about getting something to perform in a way that it was not designed to do.

    of course that is just my opinion.
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  7. #17
    Gonzo District BOFH westin's Avatar
    Join Date
    Jan 2006
    Location
    SW MO
    Posts
    1,188
    Quote Originally Posted by dinowuff View Post
    I have to disagree with that.

    I use coffee in a way it was not designed. I use it to capture facebook chats. In essence I have hacked coffee.

    I use wireshark and nmap to test my firewall rules. Meaning I use these tools as they were designed to be used.

    Hacking is more about getting something to perform in a way that it was not designed to do.

    of course that is just my opinion.
    I sort of view hacking like I view martial arts... you can use the skillset for good purposes or evil purposes. Hacking isn't necessarily about breaking into systems, or wreaking havoc... we have other words for that... words like criminal, or malicious...

    It is kind of like lockpicking. You don't want a criminal with lockpicking skills coming around your house... but if you lock yourself out, you call a locksmith, because he/she is a reputable person with the same skillset.
    "Those of us that had been up all night were in no mood for coffee and donuts, we wanted strong drink."

    -HST

  8. #18
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Nah, it's like a Butcher Knife; You can slit a throat or build a meal
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux

  9. #19
    THE Bastard Sys***** dinowuff's Avatar
    Join Date
    Jun 2003
    Location
    Third planet from the Sun
    Posts
    1,250
    [kung fu music playing]

    "Master - how does one defend against the syn attack"?
    "grasshopper - to learn encapsulation, one must first learn ip structure".

    [\kung fu music playing]
    09:F9:11:02:9D:74:E3:5B8:41:56:C5:63:56:88:C0

  10. #20
    AO BOFH: Luser Abuser BModeratorFH gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    *Punches through a solid brick Wall* Buahahahaha!
    Kill the lights, let the candles burn behind the pumpkins’ mischievous grins, and let the skeletons dance. For one thing is certain, The Misfits have returned and once again everyday is Halloween.The Misfits FreeBSD
    Cannibal Holocaust
    SuSE Linux
    Slackware Linux
