Forum Thread: A Problem with Metasploit

A Problem with Metasploit

I've been on the Null-byte world for quite some time now, and to be honest i did learn a few things.

When i started trying the How-to and stuff on my local network using, of course, Kali Linux and a vulnerable machine (VMs) i found out that my ISP is blocking Port 4444 which, in every tutorial i've seen so far, that's the listening port used in metasploit.

i did a search and found that the default port for meta is 3790 but everyone is using 4444

now i would like to know is the port 4444 essential or could i use another one, and how can i bypass my ISP port blocking and open 4444

(finally i would like to confess - Yes I'm a Newbie - starting with the technical stuff and moving to applying what i learned)

7 Responses

Actually the default port for Metasploit is 4444. It's not essential, you can use any other port.

first, VMs doesn't mean vulnerable machines, but VIRTUAL MACHINES. second, the default port 3790 is the port used mostly by the GUI, graphical interface, of metasploit as a whole program...while port 4444 is the default port for exploitation, and you can change it to any port you like and that doesn't get blocked by your isp, like port 21, 443, 8080 ...

i know that vm means virtual machines what i meant is i'm using kali and a vulnerable machine( like a windows xp ) on vmware

and thanks for your replies
(just go easy on me i'm still on the road :P )

First thing, I find it very unlikely that your ISP is blocking 4444 as there is no reason why they would block a random port, so how did you conclude that?

Second, when making a payload you can specify ANY port you want in the LPORT= option (Don't use ports lower than 200 or even 1000 as some are reserved for some apps). Of course when firing up Metasploit multi handler specify that same port with set LHOST xxxx (i.e. 1589). -ne py

i read somewhere that back in the day there was some malicious app that creates a backdoor which listens on 4444

i opened many port used the nc -lvp command to listen on port and used canyouseeme to check if the port is working they showed sucess exept for port 4444

and i know i can specify any port i just wanted to know if port 4444 works best with metasploit since everybody, video tutorial i've read or seen they use 4444

thank you :)

Just set the LPORT to port 3333 and listen on 3333 with multi/handler. Or the built in listener. Ports are a bit like mailboxes, you can use any if you configure them correctly. Be warned though, some mailboxes are already in use (like 80 and 443 for http and https).

Share Your Thoughts

  • Hot
  • Active