NetCat connection issue

I'm soo close to get user hash for Tabby but i'm stuck, not for logic problem but for address probelms... I get Tomcat login credential, with curl command i uploaded the msfvenom generated payload (i'm trying to reassume for not making sploilers) and than i can't connect to the reverse shell i created and succefully uploaded.
I don't want answers for the machine because i already know how to get in, i need help because for the new Arena features i can't connect into the machines (I can scan them but cannot connect into the reverse_shells)!

Tagged:

Comments

  • Hey @14t3r .
    If you're discussing this in 'Official Tabby Discussion', you will get answers or nudges quickly. Because most people avoids random/issue oriented threads.

    One more thing, don't post unnecessary things like vulnerability, username, exploit name, maybe it will be considered as spoilers.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • Try to switch VPN servers, if you your VPN blocks incoming connections.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • Raise JIRA ticket, if problem persists.
    I also encountered this issue, but switching VPN fixed it. But its good to report the issue.

    A Chemist doing Penetration Testing - Check the Story here: BinaryBiceps

  • ok i'll try @gunroot! I'll post discussion with less details...

  • @14t3r said:

    I don't want answers for the machine because i already know how to get in, i need help because for the new Arena features i can't connect into the machines (I can scan them but cannot connect into the reverse_shells)!

    What are the new "Arena" features? When you say you cant connect into reverse shells what happens?

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • ok i'll try @gunroot! I'll post discussion with less details... i think i have one last issue, i edit the ovpn file to connect with tcp but when i reload the htb access it still say i'm connected to port 1337 (udp) and not port 443 (tcp). I changed:
    proto udp
    remote edge-us-free-3.hackthebox.eu 1337

    to:
    proto tcp
    remote edge-us-free-3.hackthebox.eu 443

  • @TazWake nothing happen when i type netcat listen command "nc -lvnp 4444"
    the response is "Ncat: Listening on 0.0.0.0:4444", when i active the payload with the curl method nothing happen like he can't reach my machine

  • edited September 2020

    @14t3r said:

    @TazWake nothing happen when i type netcat listen command "nc -lvnp 4444"
    the response is "Ncat: Listening on 0.0.0.0:4444", when i active the payload with the curl method nothing happen like he can't reach my machine

    Is that on every box or just Tabby?

    EDITED TO ADD:

    In msvenom what LHOST did you specify?

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Type your comment> @TazWake said:

    @14t3r said:

    @TazWake nothing happen when i type netcat listen command "nc -lvnp 4444"
    the response is "Ncat: Listening on 0.0.0.0:4444", when i active the payload with the curl method nothing happen like he can't reach my machine

    Is that on every box or just Tabby?

    EDITED TO ADD:

    In msvenom what LHOST did you specify?

    it happen in every box

    LHOST i specificed the ip from tan0 interface (ip address)

  • Ok, if it is every box then the chances are it is something on your system.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • Type your comment> @TazWake said:

    Ok, if it is every box then the chances are it is something on your system.

    I have a Oracle Virtual Machine with bridge connection setting.. With other machines i never had problem.. With Tracexec i exploit that with a revere shell and get the hash, after the opening of the CTF i can't change my htb connection to tcp (so to 443 port). I'll try to reinstall OS or set all setting by default. Thanks a lot for help anyways!!!

  • @14t3r - ok, its certainly worth working through some troubleshooting to see if you can identify where the issue lies.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • @14t3r
    I had the same issues before when I was on an VM.
    Could not get NC shell.
    However, when I changed my network to be NAT (changed from Bridge) it all started working properly.

    Always happy to help others. 100% human

    https://www.mindfueldaily.com/livewell/thank-you/

  • Type your comment> @acidbat said:

    @14t3r
    I had the same issues before when I was on an VM.
    Could not get NC shell.
    However, when I changed my network to be NAT (changed from Bridge) it all started working properly.

    Nothing changed, htb access page still say i'm connected with port 1337 so with a udp connection so i can't make a tcp connection with the reverse shell

  • edited September 2020

    followed the advice above to use the tun0 address. worked for me. switched my server too

  • Similar issue that I ve been facing a lot when I try to nc. It says connect to [ip] from example.com [ip] and nothing happens. I am using Kali linux on vm. Please help!

  • @Dazzle2013 said:

    Similar issue that I ve been facing a lot when I try to nc. It says connect to [ip] from example.com [ip] and nothing happens. I am using Kali linux on vm. Please help!

    That is the default behaviour for netcat - the "nothing happens" is normally just netcat waiting for commands.

    If you are trying to make a netcat to netcat connection, then at least one end needs to call a shell. If you haven't set it up to do this, it wont work.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

Sign In to comment.