Starting Point Stuck on the xp_cmdshell and netcat listener

Currently, I'm running into with the netcat listener not responding to the xp_cmdshell command. Below is the following setup I have for this project.

Terminal 1
The filename.ovpn Loads as intended and it is located with the Starting Point folder

Terminal 2
The smbclient access the backups folder for and I'm able to get the prod.dtsConfig to obtain the password and user ID.

Terminal 3
Within the impacket example folder, I use the python script with the User ID and the starting point IP. This allows me to enter in the password and processed to the xp cmdshell command with the SQL command line. After I enter the command in the terminal to download and execute the reverse shell. After entering this command the 443 port listener doesn't respond to the xp cmdshell command.

Terminal 4
On this terminal, I'm located in the Starting Point folder and I start the http server with port 80. After starting this command I go to the browser and type localhost and I observe the files located their. They are prod.dtsConfig, shell.ps1, and filename.ovpn In addition the shell.ps1's IP is set to mine and not the IP.

Terminal 5
While located within the Starting Point folder I start the netcat command to listen on port 443.

Conclusion of the issue
When I enter the xp cmdshell command in Terminal 3 no response occurs within Terminal 5 netcat listener. This is stopping the process at the end of the Foothold on the Starting Point Tutorial. Does anyone know what I'm doing wrong in the tutorial and what the solution is? Thanks in advance.


  • solution

    What I discovered is when the machine is left idle for a bit of time. It is important to re enable xp cmdshell and restart the filename.ovpn Doing this allowed me to run the xp cmdshell command in Terminal 3 and quickly after Terminal 5's netcat listener worked as intended. Shortly after I was able to advance through the tutorial and accomplish the Starting Point Tutorial. Hope this helps someone else if they get stuck.

Sign In to comment.