42. UUID Tracking
Embed Universally Unique ID in payloads
● Makes a payload identifiable
● Track which EXE got this session
Generate unique machine ID for each session
● Makes a machine identifiable
● Track whether we’ve popped this box before
42
43. Paranoid Mode
Set a real TLS cert for payload handlers
● Verify it from Meterpreter side
● Bail if we’re being MitM’d
Whitelist UUIDs in the handler
● Don’t start sessions for
things that aren’t a payload
43
45. Runtime Transport Control
reverse_tcp vs reverse_http vs reverse_https
Bind
● tcp://:8000/
IPv6
● tcp6://fe80::82e6:50ff:fe08:2e50:8000?en0
HTTP(S)
● https://1.2.3.4/<generated URI>
45