Re: Unsuccessful connection after successful exploit

[HD Moore <hdm () metasploit com>]

On 2/11/2010 1:16 PM, Eloi Sanfèlix wrote:
> [*] Started bind handler
> [*] Command shell session 1 opened (127.0.0.1:39112
> <http://127.0.0.1:39112> -> 127.0.0.1:1234 <http://127.0.0.1:1234>)
>
>
> [*] Command shell session 1 closed.
>
> However, if I look at my emulated system, the exploit actually succeeded
> and it is executing a shell and listening for incoming connections on
> the selected port. Now, if I call exploit again, metasploit successfully
> connects to the shell created previously as you can see below:

Your best bet is to strace the remote process and figure out why the
socket is closing. One way to test this is by disabling the payload
handler entirely and then manually telnet'ing to the service while
strace is attached. You can disable the handler with:

set DisablePayloadHandler false

My guess is there is something weird with the bind payload; maybe you
are forking after the accept() and the parent is calling close?

-HD
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework