Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

virtual interfaces

From: tomb at byrneit.net (Tomas L. Byrnes)
Date: Sun, 17 Oct 2004 10:51:16 -0700
A reverse connection is only going to work if the IP/PORT being
connected to is accessible from the Internet.
 

-----Original Message-----
From: ninjatools at hush.com [mailto:ninjatools at hush.com] 
Sent: Sunday, October 17, 2004 9:48 AM
To: framework at metasploit.com; bobismighty at gmail.com
Subject: Re: [framework] virtual interfaces

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

It can't connect to the host.  Hence the error.  We have yet developed
any technologies to bypass these sort of situations.

- -spoon

On Sat, 16 Oct 2004 13:24:46 -0700 Bob the mighty one
<bobismighty at gmail.com>
wrote:

Ok well I will never live that last one down with the linux exploit 
against the windows box :), but I have another question that hopefully 
isnt so stupid. Ok well I was testing out some of the windows exploits 
on my internal network, against my windows computer. And I could only 
get it to work if I set up a virtual interface with a private IP for it



to connect back to. I dont know If that's  normal, but the problem I 
had was when I was trying to exploit boxes outside of my network,



whether it be a friend's box over the internet, or one of mine that I 
put outside the DMZ.  I can't get the exploit to complete, even if I am



using the win32_bind payload instead of reverse.
heres the output

msf msrpc_dcom_ms03_026(win32_reverse) > exploit [*] Starting Reverse 
Handler.
[*] Error creating socket: Connection failed: Operation now in progress



[*] Exiting Reverse Handler.

Now remember, I am launching the exploit from a computer with a private



ip address, against one with a public address. But even when I launch 
from a public ip, i get the same.....Most likely in about
5
minutes something will click in my head and it will all make 
sense....and I will make an even bigger idiot of myself. But I figured 
its worth asking for help. thanks.

-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.4

wkYEARECAAYFAkFyoikACgkQtCeTLzI39ePDsgCgm9Dkg8uY+g50WP53IMZHczpmKKoA
niZ22tFHyKxzRQG5j9/66+9T/JGy
=Jkt8
-----END PGP SIGNATURE-----




Concerned about your privacy? Follow this link to get secure FREE email:
http://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434

Promote security and make money with the Hushmail Affiliate Program: 
http://www.hushmail.com/about-affiliate?l=427
Previous By Date Next
Previous By Thread Next

Current thread: