When I'm setting the options for the reverse_https handler in metasploit, why would I set ExitOnSession to false and SessionCommunicationTimeout to 0? I don't fully understand the purpose. When I used those options it just kept opening meterpreter sessions until I closed the handler. And when ExitOnSession is false, why can I only use exploit -j and not exploit?
Asked
Active
Viewed 4,457 times
0
schroeder
- 123,438
- 55
- 284
- 319
pedro santos
- 153
- 2
- 12
2 Answers
2
When I'm setting the options for the reverse_https handler in metasploit why would I set ExitOnSession to false and SessionCommunicationTimeout to 0, and don't [fully] understand the purpose.
If SessionCommunicationTimeout is 0:
setting this to 0 will result in a session that will never timeout, which has some interesting uses
It will keep connecting back using the connection to the HTTPS endpoint.
And why when ExitOnSession is false I can only use exploit -j and not exploit?
Because the handler can continue running as a job, even in the case of a closed, or failed meterpreter session. It only applies to jobs(-j) as these are the only ones that run in the background.
For more info, see here.
SilverlightFox
- 33,408
- 6
- 67
- 178
1
If you set your multi handler to migrate processes on session creation and set exitonsession to true, it will create one session, migrate the process, close the port, and stop the creation of a ton of sessions.
that might do the trick.
standarduser
- 113
- 3