Jump to content

How to use bypassuac exploit on a target with ngrok port forwarding?(Metasploit)


Recommended Posts

I can't access my router interface because of our internet company's policies. so im port forwarding with ngrok to open a reverse tcp meterpreter shell on target.

But problem is there's not any system authorized process on the target, post getsystem fails. So I use bypassuac exploits, up to date one is windows/local/bypassuac_comhijack.

So i use it and set lhost as x.tcp.ngrok.io and as lport i use the port i forwarded(localport). But it says [*]Exploit completed, but no session was created. at the end.

I tried lots of combinations like changing the port the one ngrok gave to me etc. but none of them worked.(I set ExitOnSession to false, choose the payload i used while creating the paylaoad (windows/x64/meterpreter/reverse_tcp) and it's not about exploit, this happens at every in system exploit)

I don't know what to do anymore, can anyone using ngrok with metasploit or someon knows about these talk with me here? I need detailed help or a good alternative way of using ngrok to port forward.

Link to comment
Share on other sites

The first thing I would do is to ditch Metasploit and test it all out with netcat.

Run a listener internally, set up your ngrok, then try to connect to it using netcat on the outside.

That will help you get an idea of how it is all working and to debug it in a much cleaner way.

  • Upvote 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
  • Create New...