HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 46 guests and 1 member online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Network Pen Testingarrow CEH - Certified Ethical Hackerarrow php/meterpreter Redirection after session !!
EH-Net
May 21, 2013, 01:04:50 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: php/meterpreter Redirection after session !!  (Read 5559 times)
0 Members and 1 Guest are viewing this topic.
rebrov
Full Member
***
Offline Offline

Posts: 130



View Profile
« on: October 01, 2011, 03:06:31 AM »
is there anyway to redirect victim at php/meterpreter payload after opening session ??

like he clicked the .php link and session is opened , how to redirect him after session opened like iframe in ettercap ??

i tried to edit the .php file created with metasploit with link redirection but didn't work :S
Logged
hayabusa
Hero Member
*****
Offline Offline

Posts: 1631



View Profile
« Reply #1 on: October 01, 2011, 11:06:42 AM »
What, exactly, are you trying to redirect the victim to?  What is the end goal?
Logged
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

OSCE, OSCP , GPEN, C|EH
rebrov
Full Member
***
Offline Offline

Posts: 130



View Profile
« Reply #2 on: October 02, 2011, 03:55:13 AM »
the end goal is to redirect him to the original site ,, like iframe he is openning normal webpage and u act ur self like a router , to redirect him to his original request thats all

but in this technique he will be redirect after been exploited to the original link path he clicked on ??
Logged
MaXe
Hero Member
*****
Offline Offline

Posts: 669


I've just upgraded myself to a cyborg muahahaa!!1


View Profile WWW
« Reply #3 on: October 02, 2011, 11:08:49 AM »
Quote from: rebrov on October 02, 2011, 03:55:13 AM
the end goal is to redirect him to the original site ,, like iframe he is openning normal webpage and u act ur self like a router , to redirect him to his original request thats all

but in this technique he will be redirect after been exploited to the original link path he clicked on ??

In the PHP file, add the following code right after the PHP meterpreter has been initialized:
header("Location: http://whatever.tld");

Then in the Meterpreter, you make sure it migrates to another file first by writing your own script and then make it call itself again on perhaps another listening process (multi/handler).

I have no exact way to do this, as I've never done but that is how you could do it.

All you gotta do, is to learn some basic Meterpreter scripting, and some very basic PHP so you understand how it functions.

Preferably you research this first on your own.

Remember, this forum is for educational and ethical purposes only.
Logged
I'm an InterN0T'er
rebrov
Full Member
***
Offline Offline

Posts: 130



View Profile
« Reply #4 on: October 02, 2011, 05:40:16 PM »
Quote from: MaXe on October 02, 2011, 11:08:49 AM
Quote from: rebrov on October 02, 2011, 03:55:13 AM
the end goal is to redirect him to the original site ,, like iframe he is openning normal webpage and u act ur self like a router , to redirect him to his original request thats all

but in this technique he will be redirect after been exploited to the original link path he clicked on ??

In the PHP file, add the following code right after the PHP meterpreter has been initialized:
header("Location: http://whatever.tld");

Then in the Meterpreter, you make sure it migrates to another file first by writing your own script and then make it call itself again on perhaps another listening process (multi/handler).

I have no exact way to do this, as I've never done but that is how you could do it.

All you gotta do, is to learn some basic Meterpreter scripting, and some very basic PHP so you understand how it functions.

Preferably you research this first on your own.

Remember, this forum is for educational and ethical purposes only.

thanks and yes i always learn for knowledge not for hacking it self Smiley

and ofcourse its for educational and ethical purposes only .
Logged
jeffersonkane
Newbie
*
Offline Offline

Posts: 5


View Profile
« Reply #5 on: December 10, 2011, 07:32:09 AM »
I have no exact way to do this, as I've never done but that is how you could do it. All you gotta do, is to learn some basic Meterpreter scripting, and some very basic PHP so you understand how it functions.
Logged
r4 3ds
Ignatius
Jr. Member
**
Offline Offline

Posts: 91


View Profile
« Reply #6 on: December 10, 2011, 01:41:24 PM »
This sounds an interesting idea.  I'm surprised that the development folks haven't thought about this and implemented it already.  Of course, they might have and discounted it for some reason!
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.087 seconds with 24 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.