Forum Thread: Problem with Meterpreter Through WAN.

Problem with Meterpreter Through WAN.

Hello guys!

I'm currently trying to test some exploits through wan.
I'm using .exe files generator called thefatrat.

I launched it on my own pc, and laptop. Everything works fine as long as it is connected through one network. Problem occurs when I try to do it through "internet". I generated it to connect with my public ip, port 4444, and I also forwarded the port 4444 to my machine(the one I'm waiting for a meterpreter session). Then in terminal I use port 4444 and local ip for my machine (the same ip my port should be forwarded to).

Assuming:
In .exe generator:
LHOST: Public IP
LPORT 4444

in terminal
SET LHOST: My machine local IP
SET LPORT: 4444

and wait for a session, which doesn't come up. When i type netstat on the machine that should connect to the second one, under the ip it says: SYN_SENT.

The weird thing is when I check if port is oppened on various sites, it says that it is not opened. I do not know why (port forwarding should be ok).

Also when I type a random port there, it also says that it's not opened (but somehow everything connects fine).

What can I do?

5 Responses

Might be a dumb question, but are you sure you forwarded a TCP port?

It can be either you didn't forward the port correctly (check the firewall if there's any) or you didn't set the handler correctly (maybe you forgot to type the command "exploit" in the terminal...or your IP changed etc...)

try to run this command: nc -vlp 4444, hit enter...now go to THIS WEBSITE to check if your port is open.

Thank you guys for your replies!
So:

@Tacocat
Yes I did, as you can see on the screenshot I also tried to set the protocol on ALL.
@Hxr ROFO

The router seem to not have one at all. I tried to turn off windows firewall, and even antivirus firewall for a test purposes, still nothing.

Handler must've been set correctly, because I did it the same way i was doing it through local network.

Here are the screens guys.
Is there anything wrong?

Maybe try using a different internal port than the external one? The payload would remain the same (I think), but you would set up the listener differently. Also, maybe instead of having the port set to All, use just TCP. This worked fine for me a couple days ago, and I never plan on using that port for UDP.

If none of these work, you could also try the Reverse TCP DNS payload, with a domain from noip.com
EDIT: The DNS payload probably wouldn't work if the port isn't open :P

@TacoCat

Just did it, still nothing happens. Can't estabilish a connection. Netstat still shows SYN_SENT.

Can't manage it to work. Are there any other options?

Share Your Thoughts

  • Hot
  • Active