colejustin Posted April 27, 2017

Building on the idea of having access to all resources in a target network using OpenVPN, is there a way to catch reverse shells through the LAN Turtle coming back to Metasploit that is connected to the same VPN?

Scenario: I have planted the LAN Turtle in a client's network for a pen test engagement. I can ping targets in the client network without any issues, even RDP to some of them. But if I try to use an exploit from Metasploit with a meterpreter reverse shell payload, I don't get the shell back. I'm guessing this is because the clients in the target network are not aware of the route back to my Kali box that sits on the VPN. I've also tried to set the internal IP address of the LAN Turtle (that it picks up from the client's DHCP server) as the LHOST, but I don't think the LAN Turtle knows what to do with the reverse connection once it gets it.

Is there some sort of iptables trickery that I can use to forward the reverse shell back to my Kali box that's connected to the VPN? Or is there another way altogether to get the reverse shell back?