When I exploit a service with Metasploit and expect a meterpreter reverse shell, where is my meterpreter session located on the target machine? Is it within the allocated memory of the exploited service?
Asked
Active
Viewed 45 times
0
-
If you're exploiting a service, e.g. via a buffer overflow, it would find write the meterpreter bytes to memory and then direct execution to the payload in the memory space of the exploited service as you suggest. You can migrate to a different PID if you like. – deletehead Sep 14 '22 at 12:43