Knowledge Base

Questions

0

Reverse shell over WAN

Hey all,

I've been playing around with the reverse http payloads on my Kali machine. Now inside the LAN I've configured them all good, everything's very simple. However, when configuring the payload to work over WAN, I've configured as follows:

On the payload itself:
Lhost - Public IP (The WAN leg of my router)
Lport - My external port

On the handler itself:
Lhost - Private IP (The IP of the Kali machine at the router's internal LAN interface, 10.0.0.0/24 range)
Lport - Same as my external port, though it makes no difference since I'm using port forwarding and can set it to whatever I like.

On the router I've configured forwarding from the external port to the handler's IP and port configured. I've done port forwarding to another server in my LAN, and it has worked great for the past few months.

If I use the reverse shell on a workstation inside the LAN (for example 10.0.1.15), even though the payload sends the shell to the router WAN leg (72.x.x.x), it still reaches the handler (10.0.0.200). However, when attempting to do so from outside the LAN, nothing happens.

For testing purposes I've put up an Apache service on the Kali machine, set it up and made it accessible from the LAN. Set up port forwarding to it, and tested accessing it from the public IP. When I've tried from the LAN, it worked. But when attempting to access it from the WAN, the browser says the response took too long, behaving like the packet got dropped by a firewall.

This behavior sounds more related to the specific Kali machine I'm using, however I've disabled its firewall (which it didn't have to begin with, downloaded ufw and then disabled it lol).

TL;DR: My Kali machine responds to requests sent to the WAN IP if being requested from a LAN station, but does not respond to requests sent to the WAN IP from a WAN station.

Will appreciate any attempt to help!

Posted by Yigal van Dongen about a year ago

2

Could not start the nxpgsql daemon

Hi All,

After fresh installation of Rapid7 Nexpose, when starting the application the following error is observed, of which Nexpose Security Console runs in maintenance mode:

2017-11-13T01:32:15 [INFO] [Thread: Security Console] PostgreSQL service status: 0.
2017-11-13T01:32:16 [INFO] [Thread: Security Console] PostgreSQL service status: 0.
2017-11-13T01:32:17 [INFO] [Thread: Security Console] PostgreSQL service status: 0.
2017-11-13T01:32:18 [ERROR] [Thread: Security Console] Database initialization failed
java.sql.SQLException: Error starting PostgreSQL: com.rapid7.os.OSException: Could not start the nxpgsql daemon
    at com.rapid7.nex.system.db.PostgresDB.startupDBSystem(PostgresDB.java:898) ~[system-9.0.13.jar:na]
    at com.rapid7.nexpose.datastore.DBManager.getDB(Unknown Source) ~[nxshared.jar:na]
    at com.rapid7.nexpose.datastore.DBManager.getDB(Unknown Source) ~[nxshared.jar:na]
    at com.rapid7.nexpose.datastore.DBManager.initialize(Unknown Source) ~[nxshared.jar:na]
    at com.rapid7.nexpose.nsc.NSC.initDatabase(Unknown Source) [nsc.jar:na]
    at com.rapid7.nexpose.nsc.NSC.initCriticalSubsystems(Unknown Source) [nsc.jar:na]
    at com.rapid7.nexpose.nsc.NSC.initSubsystems(Unknown Source) [nsc.jar:na]
    at com.rapid7.nexpose.nsc.NSC.run(Unknown Source) [nsc.jar:na]
    at com.rapid7.nexpose.nsc.NSC.main(Unknown Source) [nsc.jar:na]
Caused by: com.rapid7.os.OSException: Could not start the nxpgsql daemon
    at com.rapid7.nex.system.db.PostgresDB.startDBService(PostgresDB.java:997) ~[system-9.0.13.jar:na]
    at com.rapid7.nex.system.db.PostgresDB.startupDBSystem(PostgresDB.java:888) ~[system-9.0.13.jar:na]
    ... 8 common frames omitted
2017-11-13T01:32:18 [INFO] [Thread: Security Console] Adding maintenance task DBConfig
2017-11-13T01:32:18 [INFO] [Thread: Security Console] Initializing update processor...
2017-11-13T01:32:18 [INFO] [Thread: Security Console] Security Console is launching in Maintenance Mode. Disabling update processing.
2017-11-13T01:32:18 [INFO] [Thread: Security Console] Completed update processor initialization.
2017-11-13T01:32:18 [ERROR] [Thread: Security Console] A critical error occured during initialization
java.lang.NullPointerException: null
    at com.rapid7.nexpose.datastore.DBManager.initializePool(Unknown Source) ~[nxshared.jar:na]
    at com.rapid7.nexpose.datastore.DBManager.initializePool(Unknown Source) ~[nxshared.jar:na]
    at com.rapid7.nexpose.datastore.DBManager.registerAdminPool(Unknown Source) ~[nxshared.jar:na]
    at com.rapid7.nexpose.datastore.DBManager.getAdminDataSourceInternal(Unknown Source) ~[nxshared.jar:na]
    at com.rapid7.nexpose.datastore.DBManager.getAdminDataSource(Unknown Source) ~[nxshared.jar:na]
    at com.rapid7.nexpose.nsc.NSC.setupLicenseManagerDeps(Unknown Source) [nsc.jar:na]
    at com.rapid7.nexpose.nsc.NSC.initCriticalSubsystems(Unknown Source) [nsc.jar:na]
    at com.rapid7.nexpose.nsc.NSC.initSubsystems(Unknown Source) [nsc.jar:na]
    at com.rapid7.nexpose.nsc.NSC.run(Unknown Source) [nsc.jar:na]
    at com.rapid7.nexpose.nsc.NSC.main(Unknown Source) [nsc.jar:na]
2017-11-13T01:32:18 [INFO] [Thread: Security Console] Adding maintenance task NexposeRecovery
2017-11-13T01:32:18 [INFO] [Thread: Security Console] Reinitializing web server for maintenance mode...
2017-11-13T01:32:18 [INFO] [Thread: Security Console] Stopping ProtocolHandler ["http-nio-3780"]
2017-11-13T01:32:19 [INFO] [Thread: Security Console] Destroying ProtocolHandler ["http-nio-3780"]
2017-11-13T01:32:19 [INFO] [Thread: Security Console] Initializing ProtocolHandler ["http-nio-3780"]
2017-11-13T01:32:19 [INFO] [Thread: Security Console] Using a shared selector for servlet write/read
2017-11-13T01:32:19 [INFO] [Thread: Security Console] Starting ProtocolHandler ["http-nio-3780"]
2017-11-13T01:32:19 [INFO] [Thread: Security Console] Accepting web server logins.
2017-11-13T01:32:19 [INFO] [Thread: Security Console] Found a pending maintenance task: NexposeRecovery
2017-11-13T01:32:19 [INFO] [Thread: Security Console] Entering maintenance mode, only administrator logins permitted.
2017-11-13T01:32:19 [INFO] [Thread: Security Console] Maintenance Task Started
2017-11-13T01:32:19 [INFO] [Thread: Security Console] Accepting console commands.
2017-11-13T01:32:20 [INFO] [Thread: Security Console] [Started: 2017-11-13T01:29:19] [Duration: 0:03:00.909] Security Console started.

Operating System:
Red Hat Enterprise Linux Server release 6.9 (Santiago)
Oracle Linux Server release 6.9

Any help and assistance would be greatly appreciated.

Thanks,
Craig Wilkinson

nexpose

Posted by Craig Wilkinson about a year ago