Metasploit mailing list archives
Re: meterpreter flaky
From: Sherif El-Deeb <archeldeeb () gmail com>
Date: Wed, 5 Dec 2012 16:14:16 +0000
Did you try any other payload? reverse_http for instance? also more details will help, like OS, architecture “of both the handler and the target”, console output, the command lines you type ... and if you feel really, really generous, a PCAP of the handler and the target might not be a bad idea. Sherif Eldeeb. *From:* k41zen <k41zen () me com> *Sent:* December 5, 2012 7:07 PM *To:* framework () spool metasploit com *Subject:* Re: [framework] meterpreter flaky Have created a meterpreter/reverse_tcp exe and upload this to the same target in an effort to gain persistence through the "run persistence" command instead of metsvc. Listener is all good but when I execute the .exe on the target metasploit sits there saying "Sending Stage" and sits there forever. Any ideas? On 5 Dec 2012, at 11:46, Matt Gardenghi <mtgarden () gmail com> wrote:
As I recall metsvc is depreciated. Try "run persistence" instead. Matt Gardenghi On Dec 5, 2012, at 6:39, k41zen <k41zen () me com> wrote:Grateful for any help someone can offer on this please. I've successfully got a meterpreter/metsvc_bind_tcp service running on a
Windows7 host, however, I can rarely interact with the session. AV and the FW are disabled. When I connect and execute commands such as ls and ps I receive the error "Unknown Command".
Sometimes when I connect, the metsvc-server.exe crashes. Restarting the
metsvc service on the target and reconnecting doesn't seem to make a difference. Rebooting the target and starting my msfconsole session from scratch makes little difference too. Uninstalling the service with "metsvc remove-service" and re-installing with "metsvc install-service" makes also no difference.
I tried something completely different last night and created a new
payload via a USB stick and executed that. This gave me a meterpreter/reverse_tcp shell and through that I was then able to install the service again using "run metsvc". I instantly connected and could interact with the session without issue. However I came in this morning and have exactly the same issues of "Unknown command".
Can anyone help? _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- meterpreter flaky k41zen (Dec 05)
- Re: meterpreter flaky Matt Gardenghi (Dec 05)
- Re: meterpreter flaky k41zen (Dec 05)
- <Possible follow-ups>
- Re: meterpreter flaky Sherif El-Deeb (Dec 05)
- Re: meterpreter flaky k41zen (Dec 06)
- Re: meterpreter flaky Matt Gardenghi (Dec 05)