In the previous post i have written about how meterpreter works in steps.
Step 1: Apply exploit and send payload.
This step 1 is the stagers. The stagers contains reverse tcp ruby scripts or bind tcp scripts, the purpose is to first establish a client-server relationship, after client-server is established, an upload from attacker to victim machine will begin.
Step 2: upload dll injection payload
Step 3: upload meterpreter server dll payload.
step 2 and 3 are stages.
The reason to break a single process into several ones is because usually stages payloads are larger and could not fit into the overwritten buffer size, stagers payload however is smaller and can fit into the exploited buffer size.
Singles payloads are standalone payloads that do specific task and that’s it.
One thought on “Metasploit: Singles, Stagers, Stages”