[HID] Sending reverse_https payload to an IP on a different network?



C1M7
2015-01-11, 07:05
How can I set up the HID attack to initiate a meterpreter session with both boxes on different networks? I have everything working flawlessly with both boxes on the same network, but how do you exploit a box that is connected to a different network? From research I know that it can be done with the reverse_http/s payloads, and I have tried plugging in the IP from the different networks just to give it a shot, but obviously I don't get a meterpreter session. I know that the payload script will have to be hosted somewhere it can be accessed, like a web server, and have the correct IP and port at the bottom where Invoke_Shellcode is, but how do I configure the payload to connect to a box on a different network?

russ
2015-01-11, 07:41
Are you using the external IP addresses? And have you forwarded the ports on your router?

unknownpwn
2015-01-11, 09:33
Have you set LHOST to your public IP or 0.0.0.0? Also, have you tried setting ReverseListenerBindAddress to your local IP?

C1M7
2015-01-13, 14:43
> Have you set LHOST to your public IP or 0.0.0.0? Also, have you tried setting ReverseListenerBindAddress to your local IP?

> Are you using the external IP addresses? And have you forwarded the ports on your router?

I am trying to send it to my laptop, which would be on a different network connection than the victim box, using my N7 as the exploit device. If I was set up at a place where I couldn't port forward the router, how would I go about that?

Do I find the external IP of my Kali box, and would I need more than just the ReverseListenerBindAddress? I am able to get the victim box to download the payload and run it, but I just don't understand how to set up the listener to receive the payload if I'm connected to a different network.

skycrazy
2015-01-13, 17:08
When creating the payload, your home/Kali box has an external IP and an internal router IP. The payload has to have the external IP of the waiting Kali box. The router your Kali box is attached to needs the ports forwarded to your Kali box's internal IP.
Hope this helps. As always, I could be, and am quite often, wrong :-)

C1M7
2015-01-13, 17:45
> When creating the payload, your home/Kali box has an external IP and an internal router IP. The payload has to have the external IP of the waiting Kali box. The router your Kali box is attached to needs the ports forwarded to your Kali box's internal IP.
> Hope this helps. As always, I could be, and am quite often, wrong :-)

I am thinking of it in the sense of, let's say, my Kali box is hooked up to a coffee shop's free Wi-Fi, where obviously I wouldn't have access to forward the ports. Would I still be able to interact with Metasploit even though the router is not port forwarded? That is assuming, of course, that the HID attack is properly configured. I still need a little clarification on which IP to use, but if the router absolutely has to be port forwarded, then that definitely changes things.