ghostman_123 Posted October 15, 2017 Posted October 15, 2017 Hey just wondering if anyone can offer some advice. I am new to hacking and am loving it so far. I have started doing a hacking course I found online. But I have run into a wall. Whenever I go to run an exploit I always get the error code multi handler failure to bind or bad config. I have searched and there are a million different opinions. And I have tried changing the ports apache2 listens on. I have reinstalled kali multiple time. I have tried it on vm and and as my os. I have changed the settings in my vm from nat to nat network and even bridged. And I have run out of ideas ? Any advice would be greatly appreciated. Quote
i8igmac Posted October 16, 2017 Posted October 16, 2017 not sure if kali needs sudo. Bit give it a try sudo msfconsole Also you should not use a port that kali currently has in use by other services. Type netstat -ntlp this shows ports currently in use Quote
digip Posted October 16, 2017 Posted October 16, 2017 Change the attack from bind, to a reverse shell. See if that helps. Quote
ghostman_123 Posted October 16, 2017 Author Posted October 16, 2017 Okay so I have used the netstat -ntlp and there is nothing running on port 8079. And I am using a windows/shell/reverse_tcp. And it is still failing... this is the error I get Quote
ghostman_123 Posted October 16, 2017 Author Posted October 16, 2017 handler failed to bind to 192.168.11.39:8079 handler failed [bad config]:Rex:BindFailed The address is already is in use or unavaliable I also checked the ports and the only thing running is apache2 on port 8079 is this okay to try it on this port. I thought before it was something else running on port 8080 which might have been the issue. Also this is the payload I was using in veil-evasion native/backdoor_factory And then in msfconsole use exploit/multi/handler set PAYLOAD windows/shell/reverse_tcp Quote
i8igmac Posted October 16, 2017 Posted October 16, 2017 Just a quick test. Set RPORT to its default 4444. If I read your post correctly, you said apache is on port 8079 and your handler faild to bind to this port because it is already in use? Quote
digip Posted October 16, 2017 Posted October 16, 2017 If trying a bind to a port already in use on the victim machine, it will fail, since that port as you mentioned, has apache running on it. You need to bind to a port not in use. It's generally easier, to use a reverse shell, so that the victim calls to you and passes the shell back to you on the port YOU listen on, vs a port the VICTIM listens on. If you ran netstat locally, you are only seeing your ports, not the victim. you'd have to run netstat on the victim machine to see what ports it is using and which you could bind to, which again, using a reverse shell, helps alleviate this so long as you listen locally, on a port not in use already. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.