Javatpoint Logo
Javatpoint Logo

Methods to Maintain access

In the previous section, we had seen that when the target user restarted the computer, we would lose our connection. We used a normal backdoor that's why, when the computer restarted, our backdoor would be terminated, the process would be terminated, and we would lose our connection. But in this section, we are going to discuss the methods that will allow us to maintain our access to the target computer. We are going to use a normal HTTP reverse Mterepreter undetectable backdoor that we created previously. We are going to inject it as a service so that it will run every time the target user run their computer and it will try to connect back to us at certain intervals. To do this, we will run background command and interact with the session on number 2.

We are going to run a module using the command use exploit/windows/local/persistence. It is like a multi-handler module that comes with Metasploit. After this command, we will run the show options command to see what we need to configure, as shown in the following screenshot:

Methods to Maintain access

The first thing that we are going to look at DELAY, it is the number of seconds during which the target will try to connect back to us. It is set as 10, that means every 10 seconds, the target computer will try to connect back to us. Now, we are going to set EXE_NAME. It is the name that will show up under the processes where the connection is responding back from. We will set EXE_NAME to browse.exe to make it less detectable. The command is as follows:

Methods to Maintain access

The PATH where the backdoor or payload will be installed, and it will stay the same. The REG_NAME is the register entry, and it will also stay the same. The SESSION specifies the session, if we run the session -l command, it will list of the available sessions, as shown in the following screenshot:

Methods to Maintain access

Now we are going to set the SESSION as 2 using the following command:

Methods to Maintain access

The STARTUP will be left as USER, for the user privileges. Now, we are going to run show options. In the following screenshot, we can see that browser.exe and session number 2 are set properly:

Methods to Maintain access

Now, we are going to specify the payload that will be injected as a service. To do this we will run the show advanced command, and it will show us the advanced options that we can set up for this particular module. In the following screenshot, we are interested in EXE::Custom, which indicates that we are going to use a custom .exe to run and inject into the target computer as a service:

Methods to Maintain access

We are going to set EXE::Custom to /var/www/html/backdoor.exe, so that we can run our backdoor that stored in /var/www/html/backdoor.exe. The command is as follows:

Methods to Maintain access

Now, we will run show advanced command, and see that it was set up properly, as shown in the following screenshot:

Methods to Maintain access

Now, we are going to run exploit command. It will upload /var/www/html/backdoor.exe onto the target computer, using the session that we specified, which is 2. In the following screenshot, we can see that it has been uploaded and installed:

Methods to Maintain access

If we don't want the backdoor on the target computer anymore, we can use the resource file to delete it. We can store the RC file as shown in the preceding screenshot into the Leafpad so that we can run it in the future and delete our backdoor.

If we run session -l command, it will show the available sessions, and we can interact with it. Using the session -k command, we can kill that session.

Now, if we run list command, we will see that we have no connection with the target computer. Using our exploit multi-handler, we can listen for an incoming connection.

If we run exploit, and the hacked computer is already booted, we will get a connection straightway, because our target has been injected into the target computer on port 8080 on reverse_http. Now to make sure, we will start our Window machine. To make sure that we will always have a connection to it, we are going to restart the target Windows computer. At every 10 seconds, our Kali machine will try to connect back to it, no matter how many times the Windows machine is shut down or restarted. We will now run our Meterpreter handler and wait for a connection. And then run the exploit command to listen, it will take a maximum of 10 seconds to get a connection back. In the following screenshot, we can see that we received a connection to the target computer, and now we have full access to that computer:

Methods to Maintain access
Next TopicWhat is a Website




Youtube For Videos Join Our Youtube Channel: Join Now

Feedback

Help Others, Please Share

facebook twitter pinterest

Learn Latest Tutorials

Splunk tutorial

Splunk
SPSS tutorial

SPSS
Swagger tutorial

Swagger
T-SQL tutorial

Transact-SQL
Tumblr tutorial

Tumblr
React tutorial

ReactJS
Regex tutorial

Regex
Reinforcement learning tutorial

Reinforcement Learning
R Programming tutorial

R Programming
RxJS tutorial

RxJS
React Native tutorial

React Native
Python Design Patterns

Python Design Patterns
Python Pillow tutorial

Python Pillow
Python Turtle tutorial

Python Turtle
Keras tutorial

Keras

Preparation

Aptitude

Aptitude
Logical Reasoning

Reasoning
Verbal Ability

Verbal Ability
Interview Questions

Interview Questions
Company Interview Questions

Company Questions

Trending Technologies

Artificial Intelligence

Artificial Intelligence
AWS Tutorial

AWS
Selenium tutorial

Selenium
Cloud Computing

Cloud Computing
Hadoop tutorial

Hadoop
ReactJS Tutorial

ReactJS
Data Science Tutorial

Data Science
Angular 7 Tutorial

Angular 7
Blockchain Tutorial

Blockchain
Git Tutorial

Git
Machine Learning Tutorial

Machine Learning
DevOps Tutorial

DevOps

B.Tech / MCA

DBMS tutorial

DBMS
Data Structures tutorial

Data Structures
DAA tutorial

DAA
Operating System

Operating System
Computer Network tutorial

Computer Network
Compiler Design tutorial

Compiler Design
Computer Organization and Architecture

Computer Organization
Discrete Mathematics Tutorial

Discrete Mathematics
Ethical Hacking

Ethical Hacking
Computer Graphics Tutorial

Computer Graphics
Software Engineering

Software Engineering
html tutorial

Web Technology
Cyber Security tutorial

Cyber Security
Automata Tutorial

Automata
C Language tutorial

C Programming
C++ tutorial

C++
Java tutorial

Java
.Net Framework tutorial

.Net
Python tutorial

Python
List of Programs

Programs
Control Systems tutorial

Control System
Data Mining Tutorial

Data Mining
Data Warehouse Tutorial

Data Warehouse