Searching Metasploit for port exploits

The Metasploit Framework Console boasts over 1,700 exploits written into the database, but searching through those exploits to find the right one for your target can be daunting, unless you know how to drive the search parameters.

Post-Exploitation of Windows XP Host

In the two previous articles, we created a Meterpreter listener and generated a Windows payload, which created a reverse_shell to our listener. Now we are going to exploit that reverse_shell connection to establish a toehold in the compromised system.

Configuring a Meterpreter Listener

Meterpreter is a dynamically configurable payload which enables encrypted communications between target systems and the payload listener. Compromised hosts on which Meterpreter has been executed may connect back over reverse_tcp to a command and control node, from which a malicious actor may communicate with the infected host to load further payloads or exploit the targeted system further.

Creating a Windows Meterpreter Reverse Connection

Now that we have a Meterpreter listener on our Kali box, we need to generate the payload to connect to the Windows Reverse TCP listener. This will take the form of an executable which will be run on the target system, which will in turn connect to our listener and allow further functions to be performed from within the infected host.