Jump to content


Photo
- - - - -

Metasploit payloads


  • Please log in to reply
2 replies to this topic

#1 Presently Unknown

Presently Unknown

    Will I break 10 posts?

  • Members
  • 2 posts
  • Gender:Male
  • Location:Between Scylla and Charybdis

Posted 03 December 2011 - 06:09 PM

I was wondering if anyone knew if Metasploit payloads (i.e. bind shells, not reverse) follow a proxy back to the host if a proxy is set in the advanced settings. I've looked around (I even tried going through the source on github-- didn't end well), and I can't find an answer.


I'm happy to finally be on this forum, I've been a reader for awhile.

#2 mubix

mubix

    HACK THE PLANET!

  • Agents of the Revolution
  • 59 posts
  • Location:corporate hell

Posted 03 December 2011 - 06:47 PM

I was wondering if anyone knew if Metasploit payloads (i.e. bind shells, not reverse) follow a proxy back to the host if a proxy is set in the advanced settings. I've looked around (I even tried going through the source on github-- didn't end well), and I can't find an answer.


I'm happy to finally be on this forum, I've been a reader for awhile.



meterpreter's reverse_http and reverse_https payloads are the only Windows native payloads that obey the victim's proxy settings, and java payloads obey the victim's Java network settings. However I think what you were looking for was actually setting it on the attacker side and that's not something that is currently supported in any of the payloads to the best of my knowledge :-(

#3 serrath

serrath

    SUP3R 31337

  • Members
  • 181 posts
  • Country:
  • Gender:Male

Posted 05 December 2011 - 03:00 AM

You may be able to set up a script to run to set up certain proxy settings on the victim's computer as soon as meterpreter is installed, but I haven't looked into this.




BinRev is hosted by the great people at Lunarpages!