Re: sessions enquire

[Patrick Webster <patrick () metasploit com>]

You have probably missed something. A 'session' is a correctly
exploited service where the payload/shellcode has executed correctly
and thus often bound to a TCP port etc.

Did you set PAYLOAD, TARGET and RHOST within the snort module?

Try 'show options' and make sure mandatory fields are set.... if
everything is set correctly the exploit should not 'abort' as you
state, it will simply timeout / fail which may indicate the
exploitability of your snort setup is incorrect.

-Patrick

On Fri, Jul 29, 2011 at 7:09 AM, Alexandros Christias
<ac94 () st-andrews ac uk> wrote:
> Dear Sir/Madam,
>
> I am a postgraduate student at the University of St Andrews doing an M.Sc in
> IT.  I am carrying out a pen test for my dissertation in which I am trying
> to exploit NIDS vulnerabilities. I have installed Metasploit on a Windows
> machine and Snort on another. My main problem is that I cannot find how to
> create a session. I am trying to use exploits that need a session and when I
> type "sessions -l" the output states that there isn't any active session. If
> I try to launch the exploit without setting a session the exploit will
> abort.
>
> Do I have to create the session myself or there is a way in which the
> sessions are generated?
>
> Yours faithfully,
> Alexandros Christias
>
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework