Jump to content

Recommended Posts

Posted

Hello everyone!

Super new here and have started going through some metasploit tutorials. Of course I have managed to run into an issue that I have not seen any tutorial run into. After I set my RHOST and RPORT and exploit it it sits at

[*] Started reverse double handler

And then goes back to the regular msf command line. I have attempted this attack from my laptop to the VM running on my desktop of metasploitable, as well as from the VM Kali linux running on my desktop, both results were the exact same. Does anyone have any idea where I should start? I have attached a file of what I am stuck looking at.

post-49471-0-55985600-1420309536_thumb.p

Posted

I don't know how your network is setup but is your remote host (192.168.2.1) also your router? Did you intend on attacking that remote host?

Also, typically when you exploit a vulnerability the console will tell you if it was successful and other times it won't tell you anything if it was not successful. My guess is that the exploit is failing because the remote system is not vulnerable. That is why you aren't seeing any response and can't execute any statements. Do some research on the exploit and make sure the remote system is actually vulnerable.

Posted

It should be. I was following a long a tutorial. When I nmap my router it it shows the open and vulnerable ports of the metasploitable thats set up on my Desktop through Virtual Machine Box. Whether I exploit it from my laptop or from my Kali Linux Virtual box on my desktop it will go back to the msf command line regardless. When I am following the tutorial nmap is showing me the same that they are seeing, and everything works just the same until I actually apply the exploit.

Posted

And you know for a fact that the service running on your Desktop is exploitable?

A port is just an access point. If the service listening behind it has been patched already you won't be getting nowhere, nmap results notwithstanding. For example, a customer of ours runs RHEL that ships with Apache 2.2 but to interact with our software we demand that to be 2.4. Security, latest version of everything, blah blah blah all a bunch of BS because RedHat is backporting all the security-related fixes onto their 2.2 install. No idea how that is incorporated in the version number so it might not be entirely obvious this is what's happening. Maybe you should detail the service you're trying to hack?

Posted

The description of the exploit in the screenshot states it is for "Samba versions 3.0.20 through 3.0.25rc3 when using the non-default 'username map script' configuration option". I think Pantz is attacking a version that is not vulnerable.

Posted

Ah.

On the Desktop machine, the one you're trying to hack, run smbstatus (as root) and if samba is running it should tell you what version it is.

Posted

Ill make a suggestion

install a damn vuln operating system in another vm

Perform a nmap scan to discover services running .

Launch some exploits against the services

The exploits are software version specific...

You will learn the basics

Posted

Ill make a suggestion

install a damn vuln operating system in another vm

Perform a nmap scan to discover services running .

Launch some exploits against the services

The exploits are software version specific...

You will learn the basics

He said he is running metasploitable which is a vulnerable version of ubuntu used to learn the basics. I'm still not sure if he is attacking the right system though. I don't know how his network is set up but I don't think metasploitable would sit at 192.168.2.1.

Posted

Im sorry. sometimes i do that... my eyes quick scan the forum... what kind of machines are involved? windows-msf? vs exploitable

on your windows machine type ipconfig,

on your exploitable type ifconfig

you should find ip address's that look like

192.168.1.100

10.0.0.100

depending on your vm setup, there are a few ways of setting up the network... you must first see if they can communicate with each other

your exploitable is running a apache web server im sure, see if your machine can connect to it threw the web browser

http:// ip of exploit able 10.0.0.100 /

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...