Chatterbox

Need help, I got the port, the exploit and maybe the payload. But I can’t get the session to work. Sometimes I get this error: 10.10.10.74 - Command shell session 1 closed. Reason: Died from Errno::ECONNRESET

@furyRoad said:
Need help, I got the port, the exploit and maybe the payload. But I can’t get the session to work. Sometimes I get this error: 10.10.10.74 - Command shell session 1 closed. Reason: Died from Errno::ECONNRESET

Maybe someone uses a false way.
Maybe someone should search the forum and read some posts.

There are way too many hints here for that very easy box.

Unable to scan the VM, can I PM someone to help me?

@jugulaire said:
Unable to scan the VM, can I PM someone to help me?

Use masscan and make sure interface is set to “tun0”

I only have 1 reset per day and the exploit works only if someone is not already on it? And the meterpreter shell dies within 5 seconds. The box sucks big time

Perhaps auto-migrate to a different process,

set AutoRunScript post/windows/manage/migrate

I forgot, you’re correct the box does suck big time :slight_smile:

OK, I got root. Apologies to the guy who reset it, I had to hijack his session and run the exploit before him, because it works only once (at least if the previous person doesn’t exit properly, and I only have one reset per day). That’s why I’m not giving a thumbs up to this box. Sorry. And yes, automigrate.

Why does metasploit return me “Exploit complete, but no session was created”? I’ve used allports payload and several others. That one is the only payload that doesn’t return me the “No encoders encoded the buffer successfully.” error.

You don’t need metasploit for the exploit. You can use metasploit to receive your shell, but don’t use it for the exploit.

Your payload is correct but you need to adjust the encoder, it seems. Under no circumstances would I advocate using msf, you learn little from that approach and it’s highly discouraged, but I make an exception with boxes that, whether intentionally or not, are dysfunctional. I’m a little ambivalent when I come across a box like it, which is rare, so here’s a riddle: the answer is ‘universally mixed’, and ‘W’e ‘M’erry ‘I’ndividuals can’t just allude to the post local privilege exploit you should use.

Pretty sure have the right exploit and used smaller payload to remove the error about no encoders, but still no connect back, tried msf and manual to get a shell back with no luck, have reverted this box so many times, can anyone provide a nudge in the right direction. PM me pls.

@frenchish said:
Pretty sure have the right exploit and used smaller payload to remove the error about no encoders, but still no connect back, tried msf and manual to get a shell back with no luck, have reverted this box so many times, can anyone provide a nudge in the right direction. PM me pls.

Use google to learn how to migrate your meterpreter’s session.

Use google to learn how to migrate your meterpreter’s session.

But I am not using a meterpreter payload, ideally want to get the manual exploit working and have tried with earlier suggestion “set AutoRunScript post/windows/manage/migrate” when using meterpreter payload.

there is a much better python exploit that should be used… if you have done your OSCP the buffer overflow payload work should be easy, little customisation…

Hey RPSUK, I am using the python exploit customized (don’t want to put too much on here, in case of spoilers), even installed a clone environment to test on. Could you PM to discuss in more detail?

@estihex said:
I can’t find any :frowning: wasted 3 hours with nmap :smiley: hehe

nmap -sT --min-rate 5000 --max-retries 1 -p-

Hi All,
I got the priv file and I’ve tried to get system for a long time; however, no more progress since then. Could anyone please point me in the right direction?

Anybody stuck on scanning for ports pm me; made a bash script to automate it

Can I DM someone about this box? I’m not using msf. I have the py exploit, but can’t seem to make it work.