.

php/meterpreter Redirection after session !!

<<

rebrov

User avatar

Full Member
Full Member

Posts: 130

Joined: Mon May 11, 2009 4:00 pm

Post Sat Oct 01, 2011 3:06 am

php/meterpreter Redirection after session !!

is there anyway to redirect victim at php/meterpreter payload after opening session ??

like he clicked the .php link and session is opened , how to redirect him after session opened like iframe in ettercap ??

i tried to edit the .php file created with metasploit with link redirection but didn't work :S
<<

hayabusa

User avatar

Hero Member
Hero Member

Posts: 1662

Joined: Mon Jan 29, 2007 2:59 pm

Post Sat Oct 01, 2011 11:06 am

Re: php/meterpreter Redirection after session !!

What, exactly, are you trying to redirect the victim to?  What is the end goal?
~ hayabusa ~ 

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'


OSCE, OSCP , GPEN, C|EH
<<

rebrov

User avatar

Full Member
Full Member

Posts: 130

Joined: Mon May 11, 2009 4:00 pm

Post Sun Oct 02, 2011 3:55 am

Re: php/meterpreter Redirection after session !!

the end goal is to redirect him to the original site ,, like iframe he is openning normal webpage and u act ur self like a router , to redirect him to his original request thats all

but in this technique he will be redirect after been exploited to the original link path he clicked on ??
<<

MaXe

User avatar

Hero Member
Hero Member

Posts: 671

Joined: Tue Aug 17, 2010 9:49 am

Post Sun Oct 02, 2011 11:08 am

Re: php/meterpreter Redirection after session !!

rebrov wrote:the end goal is to redirect him to the original site ,, like iframe he is openning normal webpage and u act ur self like a router , to redirect him to his original request thats all

but in this technique he will be redirect after been exploited to the original link path he clicked on ??


In the PHP file, add the following code right after the PHP meterpreter has been initialized:
header("Location: http://whatever.tld");

Then in the Meterpreter, you make sure it migrates to another file first by writing your own script and then make it call itself again on perhaps another listening process (multi/handler).

I have no exact way to do this, as I've never done but that is how you could do it.

All you gotta do, is to learn some basic Meterpreter scripting, and some very basic PHP so you understand how it functions.

Preferably you research this first on your own.

Remember, this forum is for educational and ethical purposes only.
I'm an InterN0T'er
<<

rebrov

User avatar

Full Member
Full Member

Posts: 130

Joined: Mon May 11, 2009 4:00 pm

Post Sun Oct 02, 2011 5:40 pm

Re: php/meterpreter Redirection after session !!

MaXe wrote:
rebrov wrote:the end goal is to redirect him to the original site ,, like iframe he is openning normal webpage and u act ur self like a router , to redirect him to his original request thats all

but in this technique he will be redirect after been exploited to the original link path he clicked on ??


In the PHP file, add the following code right after the PHP meterpreter has been initialized:
header("Location: http://whatever.tld");

Then in the Meterpreter, you make sure it migrates to another file first by writing your own script and then make it call itself again on perhaps another listening process (multi/handler).

I have no exact way to do this, as I've never done but that is how you could do it.

All you gotta do, is to learn some basic Meterpreter scripting, and some very basic PHP so you understand how it functions.

Preferably you research this first on your own.

Remember, this forum is for educational and ethical purposes only.


thanks and yes i always learn for knowledge not for hacking it self :)

and ofcourse its for educational and ethical purposes only .
<<

jeffersonkane

Newbie
Newbie

Posts: 5

Joined: Sat Dec 10, 2011 7:37 am

Post Sat Dec 10, 2011 8:32 am

Re: php/meterpreter Redirection after session !!

I have no exact way to do this, as I've never done but that is how you could do it. All you gotta do, is to learn some basic Meterpreter scripting, and some very basic PHP so you understand how it functions.
<<

Ignatius

Jr. Member
Jr. Member

Posts: 91

Joined: Sun Mar 22, 2009 9:51 am

Post Sat Dec 10, 2011 2:41 pm

Re: php/meterpreter Redirection after session !!

This sounds an interesting idea.  I'm surprised that the development folks haven't thought about this and implemented it already.  Of course, they might have and discounted it for some reason!

Return to CEH - Certified Ethical Hacker

Who is online

Users browsing this forum: No registered users and 0 guests

.
Powered by phpBB® Forum Software © phpBB Group.
Designed by ST Software