is there any way to exit meterpreter without exit the process?

Question

I have a target process I'm injecting meterpreter shellcode (windows/meterpreter/reverse_tcp) into, I manage to get a shell but when I exit it, the process exits as well. Is there any easy way to make the process survive the meterpreter exit besides debugging the process and changing to shellcode manually?

I've added registers saving instructions (pushad, pushfd) at the beginning of the shellcode and registers restoring instructions followed by a trampoline at the end of the shellcode where the opcodes are instructing the process to jump back to some address, but the execution flow never reaches the end of the meterpreter shellcode and the process exits when I exit the meterpreter session.

Have you tried changing the meterpreter option `EXITFUNC` to `thread` when generating the meterpreter payload? — Khalid, May 18 '20 at 16:24
yes, unfortunately, my target application is single-threaded. — jony, May 20 '20 at 13:05

score 0 · Answer 1 · answered May 21 '21 at 13:22

0

The way I got around this personally, was just creating another session, moving to that session, and then exiting that session. Keeping my main session alive.

answered May 21 '21 at 13:22

RandomUser

1

Oh wait, there is a background command you can use to push your session into the background. – RandomUser May 21 '21 at 13:24

score -1 · Answer 2 · answered Sep 07 '21 at 13:49

-1

use the persistence module to upload & install payload to the registry hives of the OS. this will help reestablish connection with your target whenever you exit or the victim machine reboots/ shutdowns unexpectedly.

answered Sep 07 '21 at 13:49

mount

1

is there any way to exit meterpreter without exit the process?

2 Answers2