Forum Thread: A Problem with Metasploit

Actually the default port for Metasploit is 4444. It's not essential, you can use any other port.

first, VMs doesn't mean vulnerable machines, but VIRTUAL MACHINES. second, the default port 3790 is the port used mostly by the GUI, graphical interface, of metasploit as a whole program...while port 4444 is the default port for exploitation, and you can change it to any port you like and that doesn't get blocked by your isp, like port 21, 443, 8080 ...

i know that vm means virtual machines what i meant is i'm using kali and a vulnerable machine( like a windows xp ) on vmware

and thanks for your replies
(just go easy on me i'm still on the road :P )

First thing, I find it very unlikely that your ISP is blocking 4444 as there is no reason why they would block a random port, so how did you conclude that?

Second, when making a payload you can specify ANY port you want in the LPORT= option (Don't use ports lower than 200 or even 1000 as some are reserved for some apps). Of course when firing up Metasploit multi handler specify that same port with set LHOST xxxx (i.e. 1589). -ne py

i read somewhere that back in the day there was some malicious app that creates a backdoor which listens on 4444

i opened many port used the nc -lvp command to listen on port and used canyouseeme to check if the port is working they showed sucess exept for port 4444

and i know i can specify any port i just wanted to know if port 4444 works best with metasploit since everybody, video tutorial i've read or seen they use 4444

thank you :)

Just set the LPORT to port 3333 and listen on 3333 with multi/handler. Or the built in listener. Ports are a bit like mailboxes, you can use any if you configure them correctly. Be warned though, some mailboxes are already in use (like 80 and 443 for http and https).

thanks man
i appreciate your support guys