Forum Thread: Metasploit Exploitation

I am using Metasploit now with some success. I created a payload with Veil-Evasion which doesn't get discovered by my AV and it works fine. I tested it with some computers in my own network, and with a friend of mine it still worked when I used my public IP instead. However, I wanted to experiment with this even more and tried it on the computer science computers at school with the permission of the teacher responsible for that classroom. This time it didn't work even though I tried like 5 computers. I am not that experienced and therefore I am not completely well informed about the network that computers function in at, for example, school. Does anyone know how to solve this?

Do you think the firewall of the school network might be preventing my payload from connecting from inside the school network to the outside, which is my own private network, and if so how do I solve it?

16 Responses

This may seem like an obvious question, but are you sure the payload is compatible with their operating system?

-Defalt

Yes, the payload ran on Windows 7 and 8 when I tested it. The computer at school is Windows 7. I tested it on the computer of my teacher because he was curious as well, but then it does state: sending stage to "IP-address". Normally like 10 seconds later it will say: meterpreter session 1 was opened, but in this case it didn't.

Are you on the school's LAN or are you attempting to connect back on WAN?

I am trying to get a computer on the school network connected to my own computer on my private network at home. Therefore I am using my WAN IP. The strange thing is that I already tried this with a friend who was on his private network and it worked fine, but when I try it with the school network it doesn't work. Could this have anything to do with a firewall or something like that?

It is very likely that the school has a dedicated network firewall.

-Defalt

Do you have any ideas about getting around this firewall issue? I thought of bringing my laptop and connecting to the same network.

You may try encrypting or fragmenting your traffic. Also, you may try using well-known ports (such as port 80 or 443).

Thanks, I think using a well-known port might work.

How did the ports check out?

Sorry, but I don't really understand your question. I forwarded one of my ports. I believe the problem might have something to do with the network security or something like that, but I am not sure.

Have you tried using another payload, such as a reverse shell?

The one I am using is a reverse shell.

Don't let your hopes down, you can always try a MIM attack using sslstrip.

It's way cooler than the reverse shell because you can make it so that any computer on that network gets online pictures replaced with a picture of your choice, i.e. cats ... However, that requires LAN.

I am able to get on LAN, so do I in this case still need port forwarding?

You don't need port forwarding for LAN.

Thanks, I wasn't sure.
