Security Research

by Alexander Sotirov

Navigation

Resources

Latest posts

• Assured Exploitation 2011
• You Should Work for Symantec
• CSAW final challenge
• CSAW reversing challenge
• Darknet design

Archives

• 2011 | 2010 | 2009 | 2008

Follow

• Twitter
• Blog feed

Contact

• alex@sotirov.net
• PGP key

Meet me at

• CanSecWest

  Vancouver, Mar 9-11

• Infiltrate

  Miami Beach, Apr 16-17

Meterpreter service

This is a network service wrapper for the Meterpreter. It can be used as a Windows service, or run as a command line application.

Version 1.0 was released on May 29, 2007. The distribution contains source code under a BSD license.

Downloads

• metsvc-1.0.zip (PGP .sig)

Compilation

You'll need GNU make and Visual C++. Go to the src directory and run make.

Installation

1. Copy metsvc.exe and metsvc-server.exe from the current directory to the installation directory.
2. Copy metsrv.dll from Metasploit to the installation directory.
3. To register the Meterpreter as a service, go to the installation directory and run:

   metsvc.exe install-service
   	

Usage

If you registered the Meterpreter as a Windows service, it will start automatically. Otherwise, you have to start it manually by running metsvc.exe.

Once the Meterpreter is running, you can test it using the included test.rb script. It will connect to the Meterpreter and run the sysinfo command:

$./test.rb 192.168.70.12 31337

* Initializing Meterpreter
* Loading Stdapi
* System info:
{"OS"=>"Windows XP (Build 2600, Service Pack 2).", "Computer"=>"VM-WINXPPRO"}
* Closing socket

Uninstallation

If you registered the Meterpreter as a Windows service, you need to stop it and remove the service by running:

metsvc.exe remove-service

Then simply delete all files.