Forum Thread: Question Regarding Reverse Shell with Virtual Machine

So let's say I am using a reverse shell to connect back to me when launched. I am using Kali in a virtual machine, so it would be possible for me to launch the payload on my actual host machine so that it will connect back to my Kali OS in my virtual machine (bridged). Does this immediately mean that when this reverse connection works between my virtual machine and host machine, it should also be able to work with other machines on the same network?

For example, I have a host machine with a virtual machine that runs Kali and another target computer on the same network.

So when I test this payload on my host machine and it works, and I also test this on the target computer on the same network but then it doesn't work, does this actually mean that we can exclude all network related problems and instead look at the target PC only? (Maybe AV is blocking it, but at least I know it is not network related.)

PS: I checked the port that I was using with an open port checker (canyouseeme.org) and it said port 443, which I was using, was open. I don't think that really matters as it is on the same network, but still, maybe I was wrong.

8 Responses

Okay, the answer to the first question is this: the payload should be able to work on the whole LAN. Your LAN allows you to connect with other machines on your network. You communicate with them via the router. And because of that, there is no need to open ports, which is the case with WAN. Let's assume your host machine is using Win10 without AV and firewall. Your payload will work without problems. But what would happen if the machine has AV and firewall on? It is hard to say that the payload will work. AV will block suspicious files, connections, etc., and if the connection passes through AV, maybe it won't pass the firewall and the attack will fail. So that means the network isn't the problem. The problem lies in the machine which has good defense. In most cases, there is no problem with the LAN; the problem is usually in the machine which has updated apps which prevent such an exploit. So, check the firewall and AV on that machine. Try disabling them and see what happens. If the attack is still failing, try a different exploit. Mix things, explore; that is the best way of learning. And sorry if my English is bad. Cheers

Aah, thanks for the quick reply. So if I understand you correctly, if it works on my host without any security precautions, it should also work on the target PC when it doesn't have any security precautions. Meaning that there is no such thing as a network firewall blocking connections, as we already were able to get a connection between host and virtual machine.

Yes, it should work on every LAN machine. But you should take into account that not all machines have the same vulnerabilities. You can maybe use an Adobe exploit on one machine, but on another, Adobe may be updated and the exploit won't work. A network firewall protects your PC in the way it controls which ports have communication with the internet. However, there is a LAN firewall which permits connections from other LAN machines, but that should be done in router settings. I hope I didn't confuse you and you got the answer you wanted.

Thanks, that really helped me out, but you do mention LAN while I am using wifi, so does that make any difference, or did I misinterpret the way you used the word LAN?

With wifi you are connecting to the network. And devices which are connected to the network are in the LAN. I suggest you take a look at DHCP and NAT to understand how LAN and networks in general work.

I am not that familiar yet with these terms so thanks for your help.

You are very welcome. Have fun while learning.

Which IP address must I use for a reverse TCP connection for a payload in a virtual machine? Host or virtual machine?
