Metasploit mailing list archives
Re: Unsuccessful connection after successful exploit
From: Eloi Sanfèlix <eloi () limited-entropy com>
Date: Thu, 11 Feb 2010 20:54:39 +0100
Hi, Thanks for the tip. The weird thing is that the payload is actually being executed and everything is right. I already tried before, between my first and second call to the exploit, to telnet to the port. You can see it below: msf exploit(stack) > exploit [*] Exploit completed, but no session was created. msf exploit(stack) > nc localhost 4444 [*] exec: nc localhost 4444 /system/bin/id uid=0(root) gid=0(root) To me it seems that the payload is actually, and something goes wrong when metasploit tries to connect (due to my sloppiness probably). I'll try to strace the vulnerable process and see what happens. Thanks again. Eloi On Thu, Feb 11, 2010 at 8:29 PM, HD Moore <hdm () metasploit com> wrote:
On 2/11/2010 1:16 PM, Eloi Sanfèlix wrote:[*] Started bind handler [*] Command shell session 1 opened (127.0.0.1:39112 <http://127.0.0.1:39112> -> 127.0.0.1:1234 <http://127.0.0.1:1234>) [*] Command shell session 1 closed. However, if I look at my emulated system, the exploit actually succeeded and it is executing a shell and listening for incoming connections on the selected port. Now, if I call exploit again, metasploit successfully connects to the shell created previously as you can see below:Your best bet is to strace the remote process and figure out why the socket is closing. One way to test this is by disabling the payload handler entirely and then manually telnet'ing to the service while strace is attached. You can disable the handler with: set DisablePayloadHandler false My guess is there is something weird with the bind payload; maybe you are forking after the accept() and the parent is calling close? -HD _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- Unsuccessful connection after successful exploit Eloi Sanfèlix (Feb 11)
- Re: Unsuccessful connection after successful exploit HD Moore (Feb 11)
- Re: Unsuccessful connection after successful exploit Eloi Sanfèlix (Feb 11)
- Re: Unsuccessful connection after successful exploit Patrick Webster (Feb 11)
- Re: Unsuccessful connection after successful exploit Eloi Sanfèlix (Feb 11)
- Re: Unsuccessful connection after successful exploit HD Moore (Feb 11)