HTTPS Meterpreter

Overview

HTTPS Meterpreter is a type of Meterpreter shell that uses the HTTPS protocol for communication between the attacker and the target system. It is commonly used when the attacker needs to bypass firewall or network restrictions that would prevent other types of shells, such as reverse TCP or bind TCP, from working properly.

Generating your own self-signed certificate

To generate your own self-signed certificate:

openssl req -new -x509 -nodes -out cert.crt -keyout priv.key

For Metasploit to use the certificate, we concatenate the private key and the certificate into a single .pem file:

cat priv.key cert.crt > rfc.pem

We also must change the CipherString in the /etc/ssl/openssl.cnf config file or our reverse HTTPS shell will not work properly.

First, we will locate this line in the config file:

CipherString=DEFAULT@SECLEVEL=2

and change it to:

CipherString=DEFAULT

Finally, we can set it in our Metasploit instance:

set StagerVerifySSLCert true
set HandlerSSLCert /home/kali/self_cert/rfc.pem
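
The CipherString edit above changes the system-wide OpenSSL configuration, so it is worth being able to find it again afterwards. The following is an added example, not part of the original page or of Metasploit: it scans openssl.cnf text for CipherString lines whose @SECLEVEL is missing or below a baseline. The sample configs, the function names and the baseline of 2 are assumptions made for illustration.

```python
import re

# Constructed sample configs (not taken from a real host).
STOCK_CNF = """\
openssl_conf = default_conf
[default_conf]
ssl_conf = ssl_sect
[ssl_sect]
system_default = system_default_sect
[system_default_sect]
MinProtocol = TLSv1.2
CipherString=DEFAULT@SECLEVEL=2
"""
EDITED_CNF = STOCK_CNF.replace("DEFAULT@SECLEVEL=2", "DEFAULT")

SECLEVEL_RE = re.compile(r"@SECLEVEL=(\d)")


def cipher_strings(cnf_text):
    """Yield (section, value) for every active CipherString line."""
    section = ""
    for raw in cnf_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and whitespace
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip()
        elif "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if key.lower() == "cipherstring":
                yield section, value


def audit(cnf_text, baseline=2):
    """Return findings for CipherString values below the baseline level."""
    findings = []
    for section, value in cipher_strings(cnf_text):
        match = SECLEVEL_RE.search(value)
        if match is None:
            findings.append((section, value, "no @SECLEVEL: library default applies"))
        elif int(match.group(1)) < baseline:
            findings.append((section, value, f"SECLEVEL {match.group(1)} < {baseline}"))
    return findings


if __name__ == "__main__":
    for name, text in (("stock", STOCK_CNF), ("edited", EDITED_CNF)):
        print(name, audit(text) or "ok")
```

To check a real host, pass the contents of /etc/ssl/openssl.cnf to audit() instead of the sample strings.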

Msfconsole generate payload

To generate a Meterpreter payload:
