Metasploit mailing list archives
Re: Meterpreter Reverse HTTPS Issue
From: Florian Roth <Neo.X () web de>
Date: Sun, 16 May 2010 10:04:16 +0200
As you already noticed - I suppose the problem resides in the network or transport layer as everything works out fine if you are on the same network with the target machine. You should check with wireshark or tcpdump, if there is some network activity - first on the target site and then at your attacker system. What I would expect to see is: - DNS queries without valid response on the target system - TCP resets coming form your router - ICMP destination unreachable originating from a router So - install a wireshark on the target machine, start capturing and then start your meterpreter payload. Regards On Sat, 2010-05-15 at 18:27 -0500, mickylee () hushmail com wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I'm running a multi handler in msfconsole and having an issue with meterpreter where it hangs on the following: [*] Patching Target ID Vkev into DLL (obviously target id will be different) I generated a meterpreter reverse https payload using msfpayload and ran it on a target VM running Windows XP. After a while the meterpreter process will finally just die on the target system. Does anyone have an idea what would be causing this? I only seem to notice this when I run the meterpreter executable in my VM and I'm on a network other than my home network. In both cases I have set LHOST to my routers external IP and LPORT to 443. I am forwarding all traffic to a NAT host on my internal network. As I said, it only seems to hang on that when I'm on someone else's network, but never when I'm on my own. Thanks for any ideas on what's causing this! -----BEGIN PGP SIGNATURE----- Charset: UTF8 Version: Hush 3.0 Note: This signature can be verified at https://www.hushtools.com/verify wpwEAQMCAAYFAkvvLeoACgkQybI6BH2T11ZSZgP7BxeMwxSdNS+xvnQ3J6FUNIu4+cus 88pG52i7zLT1n9r0nM+kX3dAPWAzQYd0jhLm8OtPzJqDw/Tp/WXshLAslU1tvJXzmnW7 TwkevsDOxSznNs0eqM35RAC+frK+gqw7mRu6lBaW1JUIAABdzZLNN2cDTL3eBV1Hpr2y 7w1+2fk= =3A3B -----END PGP SIGNATURE----- _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
-- Sincerely Saludos cordiales Mit freundlichen Grüßen Florian Roth Tel: +49 06251 - 827 9402 Mobil: +49 175 - 7240 363 Fax: +49 12125 - 11699510 eMail: Florian.Roth () email de _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Meterpreter Reverse HTTPS Issue mickylee (May 15)
- Re: Meterpreter Reverse HTTPS Issue Terrence (May 15)
- Re: Meterpreter Reverse HTTPS Issue Florian Roth (May 16)
- Re: Meterpreter Reverse HTTPS Issue Robert Portvliet (May 16)