Listening for Connections

In order to utilize the reverse payload for the backdoor we created, it is necessary to establish an open port on our Kali machine to allow for the target machine to connect to it. The specific port we designated for the backdoor during its creation was 8080, thus it is crucial that we open port 8080 on our Kali machine. The payload we selected for this scenario is named meterpreter/rev_https.

Let’s divide our screen and start listening for incoming connections using the Metasploit framework. We can run Metasploit by using the msfconsole command, which will generate output resembling the screenshot provided.

In order to initiate the process of listening for incoming connections, we must execute a module within Metasploit known as exploit/multi/handler. To launch this module, please use the provided command.

listening-for-connections2

After launching the command, proceed to the exploit/multi/handler module and utilize the “set” command to specify the payload, as this is a crucial aspect of this module. To set the payload as windows/meterpreter/reverse_https, please use the provided command.

listening-for-connections3

Next, we’ll use the “show options” command to check if the payload has been updated to “windows/meterpreter/reverse_https,” as seen in the screenshot given.

listening-for-connections4

To set the LHOST to the IP address of our Kali machine, we will use the provided command.

listening-for-connections5

Before proceeding any further, we need to ensure that our payload, host, and port settings are correctly configured to match the values that were initially generated with the backdoor, as depicted in the following instructions.

listening-for-connections6

All that remains is to execute the “exploit” command. At this point, Metasploit will be in a state of readiness, actively listening for an incoming connection on port 8080 and specifically on the IP address of our Kali machine, which is indicated as 10.0.2.15 in the accompanying screenshot. Once a successful connection is established, we will be able to assume control of the targeted computer.

listening-for-connections7

To expand your knowledge on Ethical Hacking topics such as Listening for Connections, we encourage you to stay connected with us @ tutorials.freshersnow.com by visiting frequently. This way, you can remain informed and up-to-date on the latest information in this field.