Metasploit mailing list archives
portfwd bug - Won't bind to local address
From: huperdefigo at gmail.com (Mark Baggett)
Date: Sun, 8 Feb 2009 19:41:58 -0500
Is there a bug in portfwd that prevents it from binding to the local meterpreter address? I have tried this on both a vanilla Windows 2000 and a Windows XP SP2 host running meterpreter and I get the same results. Am I doing something wrong or is this a bug? When you run portfwd and don't provide the OPTIONAL -L ip address it appears to work. You get something like this.. meterpreter > portfwd add -l 6666 -r 192.168.1.1 -p 80 [*] Local TCP relay created: 0.0.0.0:6666 <-> 192.168.1.1:80 But nothing is listening on port 6666. A quick "execute -c -f cmd.exe; interact 1; netstat -na" shows nothing listening on the port. An NMAP of the host confirms no listener... Macintosh:~ mark.baggett$ nmap 10.4.4.4 -p 6666 Starting Nmap 4.76 ( http://nmap.org ) at 2009-02-03 22:47 EST Interesting ports on 10.4.4.4: PORT STATE SERVICE 6666/tcp closed irc Nmap done: 1 IP address (1 host up) scanned in 0.27 seconds Macintosh:~ mark.baggett$ If I try to force the matter with a -L I get a nasty "Can't assign requested address" message. meterpreter > portfwd add -L 10.4.4.4 -l 6666 -r 192.168.1.1 -p 80 [-] Error running command portfwd: Can't assign requested address - bind(2) /Applications/framework3/lib/rex/socket/comm/local.rb:138:in `bind'/Applications/framework3/lib/rex/socket/comm/local.rb:138:in `create_by_type'/Applications/framework3/lib/rex/socket/comm/local.rb:26:in `create'/Applications/framework3/lib/rex/socket.rb:45:in `create_param'/Applications/framework3/lib/rex/socket.rb:52:in `create_tcp'/Applications/framework3/lib/rex/socket.rb:59:in `create_tcp_server'/Applications/framework3/lib/rex/services/local_relay.rb:184:in `start_tcp_relay'/Applications/framework3/lib/rex/post/meterpreter/ui/console/command_dispatcher/stdapi/net.rb:219:in `cmd_portfwd'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:234:in `send'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:234:in `run_command'/Applications/framework3/lib/rex/post/meterpreter/ui/console.rb:94:in `run_command'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:196:in `run_single'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:191:in `each'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:191:in `run_single'/Applications/framework3/lib/rex/post/meterpreter/ui/console.rb:60:in `interact'/Applications/framework3/lib/rex/ui/text/shell.rb:123:in `call'/Applications/framework3/lib/rex/ui/text/shell.rb:123:in `run'/Applications/framework3/lib/rex/post/meterpreter/ui/console.rb:58:in `interact'/Applications/framework3/lib/msf/base/sessions/meterpreter.rb:181:in `_interact'/Applications/framework3/lib/rex/ui/interactive.rb:48:in `interact'/Applications/framework3/lib/msf/ui/console/command_dispatcher/core.rb:918:in `cmd_sessions'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:234:in `send'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:234:in `run_command'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:196:in `run_single'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:191:in `each'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:191:in `run_single'/Applications/framework3/lib/msf/ui/console/command_dispatcher/exploit.rb:143:in `cmd_exploit'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:234:in `send'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:234:in `run_command'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:196:in `run_single'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:191:in `each'/Applications/framework3/lib/rex/ui/text/dispatcher_shell.rb:191:in `run_single'/Applications/framework3/lib/rex/ui/text/shell.rb:127:in `run'./msfconsole:82 meterpreter > ipconfig Parallels OEM Adapter. Hardware MAC: 00:1c:42:99:40:22 IP Address : 10.4.4.4 Netmask : 255.255.255.0 Here is more detail on what I am trying to do. http://www.indepthdefense.com/2009/02/reverse-pivots-with-metasploit-how-not.html Thanks, Mark Baggett
Current thread:
- portfwd bug - Won't bind to local address Mark Baggett (Feb 08)
- portfwd bug - Won't bind to local address Carlos Perez (Feb 08)
- portfwd bug - Won't bind to local address egypt at metasploit.com (Feb 08)
- portfwd bug - Won't bind to local address Mark Baggett (Feb 10)
- portfwd bug - Won't bind to local address egypt at metasploit.com (Feb 08)
- portfwd bug - Won't bind to local address Carlos Perez (Feb 08)