
Thread: Metasploit and SET weird thing.

  1. #1
    sickness (Administrator)

    OK, I will try to explain this as clearly as I can:
    I played with Metasploit and SET in my LAN, worked fine, no problems, no nothing, so me and a friend of mine thought to test them on the internet.

    So I tried port forwarding with both and neither worked, but then I set my router to give me an external IP and both worked. I just don't get it: it works fine with an external IP, so why doesn't it work with port forwarding?

    I turned firewalls off too, still nothing.
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  2. #2
    lupin (Super Moderator)

    Someone in one of the mailing lists I subscribe to had this exact problem, but I never heard back on whether the issue was resolved. But at least now you know you're not the only one with this problem.

    You will probably need to do some low-level troubleshooting on this to find out how the SET payloads work. I'd recommend starting off by performing a packet capture on a working Metasploit/SET session and seeing how many TCP sessions are involved and which systems initiate the connection, then do the same with a non-working one and see the difference in order to track down the root cause. In the case of the non-working session, get packet captures from both the client and server side - I anticipate you will see one of them attempt to make a connection to the private NAT address of the other, which obviously won't work.

    I have had problems with getting other client-side attacks working through Metasploit when NAT was involved. In the situation where I was having the problem (it was with a reverse_http passivex session), I had to modify the code of the Metasploit reverse_http handler to get the connection to work.

    If you fix this it would be good if you can share details of the resolution of the problem.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  3. #3
    sickness (Administrator)

    Well, I tried Metasploit, but the funny thing is I can see how the exploit is running; I just don't get a shell back.

    Code:
    [*] Sending Internet Explorer COM CreateObject Code Execution exploit HTML to 82.77.186.30:2740...
    [*] Sending Internet Explorer COM CreateObject Code Execution exploit HTML to 82.77.186.30:2740...
    [*] Sending Internet Explorer COM CreateObject Code Execution exploit HTML to 82.77.186.30:2740...

    OK, as promised, I would come back and tell you the results. I fixed Metasploit with port forwarding.
    The problem was from my brain; it's just not good enough.
    I realized after some time in the router's page that the rules for port forwarding were made only for "UDP" and not "TCP". I just had to make my own rules for both UDP and TCP traffic and Metasploit worked just fine. Think I will make a tutorial about this.

    I haven't got the chance to test SET yet but will try it, hope it works.
    Last edited by sickness; 06-15-2010 at 10:22 AM.
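
Added example (not part of the thread, and not Metasploit or SET code): a Python sketch of the capture comparison lupin suggests in post #2, which also surfaces the symptom behind the fix in post #3. It reports which host initiated each TCP session and flags SYNs that were never answered, separating those aimed at a private (RFC 1918) address; the tuple format, the function names and every address in the sample are assumptions made for illustration.

```python
import ipaddress

# RFC 1918 ranges; ipaddress.is_private is broader (it includes documentation nets).
RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed packet summaries: (src, sport, dst, dport, tcp_flags).
# All addresses are made up for illustration; none come from the thread.
SAMPLE = [
    ("198.51.100.7", 40001, "203.0.113.10", 8080, "S"),   # SYN to the public address
    ("203.0.113.10", 8080, "198.51.100.7", 40001, "SA"),  # answered
    ("198.51.100.7", 40001, "203.0.113.10", 8080, "A"),
    ("198.51.100.7", 40002, "192.168.1.5", 4444, "S"),    # SYN to a private address
    ("198.51.100.7", 40003, "203.0.113.10", 4444, "S"),   # SYN that is never answered
    ("198.51.100.7", 40003, "203.0.113.10", 4444, "S"),   # its retransmission
]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def analyse(packets):
    """Group packets into TCP sessions by their opening SYN and classify each one."""
    sessions = {}  # dicts keep insertion order, so the report follows the capture
    for src, sport, dst, dport, flags in packets:
        if flags == "S":     # bare SYN: src is the side initiating the connection
            s = sessions.setdefault((src, sport, dst, dport), {"syns": 0, "answered": False})
            s["syns"] += 1
        elif flags == "SA":  # SYN-ACK travels from responder back to initiator
            key = (dst, dport, src, sport)
            if key in sessions:
                sessions[key]["answered"] = True
    report = []
    for (src, sport, dst, dport), s in sessions.items():
        if s["answered"]:
            verdict = "established"
        elif is_rfc1918(dst):
            verdict = "unanswered-syn-to-private"  # not routable across the internet
        else:
            verdict = "unanswered-syn"  # e.g. no rule forwards TCP on that port
        report.append({"initiator": src, "target": f"{dst}:{dport}",
                       "syns": s["syns"], "verdict": verdict})
    return report

if __name__ == "__main__":
    for row in analyse(SAMPLE):
        print(row)
```

Running the same function over summaries from a working and a non-working session makes the difference in initiators and unanswered SYNs directly comparable.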
