Chatterbox

Can someone help me? I have found the python script, but i don t get a reverse shell.

@DeepBlue5 said:
Can someone help me? I have found the python script, but i don t get a reverse shell.

if you have the python script it’s pretty obvious , just read it and try to understand what it’s doing , plus read the comments on that script !

Woo - got root.txt. Once I got a stable meterpreter session it was easy - took longer to do the nmap scan :slight_smile:

Why is my Meterpreter Session always died?

10.10.10.74 - Meterpreter session 1 closed. Reason: Died

Can someone help?

@DeepBlue5 said:
Why is my Meterpreter Session always died?

10.10.10.74 - Meterpreter session 1 closed. Reason: Died

Can someone help?

dont use meterpreter at first, use a satandar one and then upgrade

I got two open ports, one port mentioning service with three letters, but I can’t find any exploit on this protocol.
Can anybody help me pls?

@sqw3Egl said:
Woo - got root.txt. Once I got a stable meterpreter session it was easy - took longer to do the nmap scan :slight_smile:

did you do with metasploit or python script?

@mokrea said:

@sqw3Egl said:
Woo - got root.txt. Once I got a stable meterpreter session it was easy - took longer to do the nmap scan :slight_smile:

did you do with metasploit or python script?

could be both together

@mokrea said:

@sqw3Egl said:
Woo - got root.txt. Once I got a stable meterpreter session it was easy - took longer to do the nmap scan :slight_smile:

did you do with metasploit or python script?

just with metasploit - there are options you can configure to make it work and be stable.

@War4uthor said:
Ok scratch that I found a payload that works. It’s just very unstable!

are you using a payload in msf? can you share your process of elimination without a spoiler?

@Kwicster said:

@bianca said:
My session keeps getting killed with error message Died from Errno::ECONNRESET before I can do anything. Is that because someone else is on the machine? I tried several payloads already. This one’s the only one that opened a session.

Happened to me too, google up auto migrating meterpreter sessions. The exploit used will naturally close out the connection unless migrated

Thanks, this is really helpful !

@wirepigeon said:

@estihex said:
i cant find any :frowning: wasted 3 hours with nmap :smiley: hehe

nmap -sT --min-rate 5000 --max-retries 1 -p-

Kudos man!

Is someone willing to DM me with help on this one? Trying to get the python script to work. Have generate what I think is the right payload with none of the forbidden characters and under the size limit (i’m around 692 bytes) But nothing is happening. I know it’s a stupid simple mistake, it usually is.

Best thing to do is to spin up a Windows 7 VM, install the vulnerable service and keep messing with it by testing and restarting until you get a solid shell back. Just got user without Metasploit, working on root

no open ports found…what to do

is there a user.txt? or just root.txt?

@n0tl33t said:
is there a user.txt? or just root.txt?

Nvm. Reset the box and the user.txt showed up, also need to do something before being able to read root.txt now. Almost missed a chance to learn something

Got a meterpreter connection, but for every commands it returns:
Error running command command_name: Rex::TimeoutError Operation timed out.

Any hint?

try masscan guys. Its the fastest

@F2F said:
Got a meterpreter connection, but for every commands it returns:
Error running command command_name: Rex::TimeoutError Operation timed out.

Any hint?

I’ve been having the same problem since yesterday, I got the user.txt then decided to go back for root, not Im getting crashes every time I get a session.