Metasploit: Singles, Stagers, Stages

In the previous post I described how Meterpreter works, step by step.

Step 1: Apply the exploit and send the payload.

Step 1 is the stager. Stagers contain reverse TCP or bind TCP Ruby scripts; their purpose is to first establish a client-server relationship. Once that relationship is established, an upload from the attacker to the victim machine begins.

Step 2: Upload the DLL injection payload.

Step 3: Upload the Meterpreter server DLL payload.

Steps 2 and 3 are the stages.

The reason for breaking a single process into several is that stage payloads are usually larger and cannot fit into the overwritten buffer, whereas a stager payload is smaller and can fit into the exploited buffer.

Single payloads are standalone payloads that do one specific task and nothing more.
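From the network side, the stager-then-stage sequence shows up as a flow in which one peer speaks first and immediately pushes a large blob. The following detection sketch is an added example, not code from this post or from Metasploit; it assumes the stage is framed as a 4-byte little-endian length followed by that many bytes, and the threshold, function names and sample flows are hypothetical and constructed.

```python
import struct

# Assumption (not from the post): the stage is framed as a 4-byte little-endian
# length followed by that many bytes, sent before the peer has sent anything.
MIN_STAGE_BYTES = 16 * 1024  # hypothetical threshold: stages are far larger than stagers

def leading_burst(segments):
    """Join everything the first speaker sends before the peer answers."""
    if not segments:
        return None, b""
    first = segments[0][0]
    data = bytearray()
    for sender, payload in segments:
        if sender != first:
            break
        data += payload
    return first, bytes(data)

def find_stage_transfer(segments, min_stage=MIN_STAGE_BYTES):
    """segments: ordered (sender, bytes) pairs from one reassembled TCP flow.
    Returns a finding dict, or None if the flow does not look like a stage upload."""
    sender, burst = leading_burst(segments)
    if len(burst) < 4:
        return None
    (declared,) = struct.unpack_from("<I", burst)
    received = len(burst) - 4
    # A truncated capture (received < declared) is not reported.
    if declared < min_stage or received < declared:
        return None
    return {"sender": sender, "declared": declared, "received": received}

# Constructed sample flows (filler bytes, not real payloads).
STAGED = [("listener", struct.pack("<I", 20000)), ("listener", b"A" * 8000),
          ("listener", b"A" * 12000), ("initiator", b"ok")]
HTTP = [("initiator", b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"),
        ("listener", b"HTTP/1.1 200 OK\r\n\r\n" + b"B" * 30000)]
BANNER = [("listener", b"SSH-2.0-OpenSSH_9.6\r\n"), ("initiator", b"SSH-2.0-client\r\n")]
TRUNCATED = [("listener", struct.pack("<I", 20000) + b"A" * 5000)]

if __name__ == "__main__":
    for name, flow in [("staged", STAGED), ("http", HTTP),
                       ("banner", BANNER), ("truncated", TRUNCATED)]:
        print(name, find_stage_transfer(flow))
```

This is a heuristic for triaging reassembled flows, so a hit is a lead to correlate with host telemetry rather than a verdict.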

 
