Jump to content

Cannot exploit elasticsearch on Metasploitable3


pro_dk

Recommended Posts

I am a newbie to security and have started my learning by downloading Metasploitable 3 and trying to get into it using Metasploit's "script_mvel_rce" module to exploit Elasticsearch 1.1.1

At my home the exploit works and I get meterpreter shell with the following (in first trial without any glitches): VirtualBox 5.1.14, Metasploitable 3, Kali 2016.1, No proxies

However at work, we have a corporate proxy for internet access, Windows Firewall turned on (that I am not allowed to change) and Symantec AV. However, for host only networks, it should not be an issue (I guess) once the downloads are all done and setup is done. The setup at work is: VirtualBox 5.1.26, Metasploitable 3, Kali 2017.1

When I try to use the same exploit, the Meterpreter shell gets closed immediately. 

msf exploit(script_mvel_rce) > exploit

[*] Started reverse TCP handler on 192.168.56.102:4444 
[*] Trying to execute arbitrary Java...
[*] Discovering remote OS...
[+] Remote OS is 'Windows Server 2008 R2'
[*] Discovering TEMP path
[+] TEMP path identified: 'C:\Windows\TEMP\'
[*] Sending stage (49645 bytes) to 192.168.56.101
[*] Meterpreter session 1 opened (192.168.56.102:4444 -> 192.168.56.101:50385) at 2017-09-07 02:18:39 -0400
[*] 192.168.56.101 - Meterpreter session 1 closed.  Reason: Died
^C[!] This exploit may require manual cleanup of 'C:\Windows\TEMP\UBB.jar' on the target
[*] Exploit completed, but no session was created.

I tried all the following: (1) compared the metasploit module from home setup (on Kali 2016.1) to that at home (Kali 2017.1). apart from minor print format differences, the module seems similar (2) disabled firewall on metasploitable 3 (3) disabled host-only network adapter on my host pc (my work computer) (4) ping work fine (when firewall disabled) between Kali and MS3 and back (5) on metasploitable 3, I can see a java process running taking high cpu usage

Can someone please suggest what should be my next step to succeed with this exploit?

Thanks in advance

FYI, I have posted same question on StackOverflow, but no one replied:

https://security.stackexchange.com/questions/168867/cannot-exploit-elasticsearch-on-metasploitable3

 

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...