I keep getting that "exploit completed but no session was created" Error everytime I run and exploit

Off-topic Exploits
, , , ,
5

Type your comment> @TazWake said:

@ogoody3365 said:

Every time I run an exploit no matter the attack or payload I keep getting this error. I really need help. This really isn’t working and it seems like it should. I have disabled my firewall, and I am trying sudo apt-get --auto-remove metasploit-framework and it is not working. It says “Sense Auto is not understood, try true or false.” I am trying to work with LAME, but legacy gives me the same issues. It doesn’t matter the payload or the exploit I still get that error. It’s making me sad guys. I really want this to work. I have been using this forum post [SOLVED] Exploit completed, but no sessions created. - Machines - Hack The Box :: Forums. I still am having issues

Without more information, it’s difficult to do anything except guess an answer.

Some things to consider.

  • Your attack and payload have to be valid for the target. If you are just trying a load of them, then all kinds of things might be happening. Without knowing what box you are using what attack on it could be as simple as MSF is never going to work on the attack you are trying.

For example, if you are using the vsftpd_234_backdoor exploit on Lame, it _ won’t_ work. All you will ever get is Exploit completed, but no session was created.

  • You need to make sure your choice of staged vs non-staged payload is going to work not the target.
  • When you run the exploit, does MSF say the target is vulnerable before it says it can’t create the session? If not, that is the problem. It does not What does this mean?
  • You’ve disabled the firewall but there are still other reasons why a port might not be suitable for the shell. Try some different LPORT settings and see if that changes anything.
  • If you are using an SMB exploit on an old box with a new version of MSF (such as MSF6), then there are lots of other complexities which could mean it won’t work. Most of the exploits on Lame seem to use MSF5.

So if I can’t exploit the vulnerabilities for the lame box should I just move on? I keep getting this exploit completed message, but no shells. Would it hurt to downgrade msf? if so how do I do that?