I don't understand why this keeps failing. I'm using a vpn service so I set my LHOST to 10.46.10.6. As you can see the exploit failed.
I also tried setting my LHOST to 192.168.1.105 just to try it, and it too, of course, failed.
Does anyone have an idea what could be going on?
I should also note the target is vulnerable to sqli, it's running Windows 2003, using stacked queries, and I am the owner of the database. I am able to get a shell on the OS using sqlmap's --os-shell command. I am not able to use --os-pwn. It says it was unable to upload the payload because either I don't have requisite write privileges or the AV immediately detected it and deleted it from the server. But I think it might be something to do with my configuration which is also why I can't execute --os-pwn using sqlmap.
Any advice is much appreciated!
3 Responses
Ok, please excuse but I have to ask this stupid question, because often it is silly little mistakes that trip up even the most seasoned coder. If using internal IPs are you on the targets network? If not you need an external IP.
doh!! Very nice point. I don't exactly understand NAT bs, but you probably right. I thought I read somewhere that LHOST is local host but that can't be right. When setting up the exploit, metasploit detected the ip to use was 10.46.10.6 and that's my interal ip so I assumed it knew better than I did.
i think u might require to set BindReverseListener.
Share Your Thoughts