-
Notifications
You must be signed in to change notification settings - Fork 13.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Exploit completed, but no session was created #17432
Comments
You can You can
Is the remote service running on port 4444? |
Thank you for your answer! Right, the port was not correct. In the Metasploitable environment the following http ports are open and listening:
So I tried as I also set the
After running the check command I get the following message: This message is quite meaningful ... I am currently in the process of delving deeper into the subject. After a few days of testing and reading, I can't get any further. Thank you very much for the help! |
Hey anyone can help me ? i have this issue [*] Started reverse TCP handler on 192.168.2.5:4444 #################### Request:#################### |
Hi! This issue has been left open with no activity for a while now. We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here. As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request. |
bind payloads create a bindshell (if successful). If you have set
It is not clear what you are trying to exploit, or how you're trying to exploit it, or why. The original post talks about "SQL injection" then proceeds to talk about an unrelated command argument injection in PHP when run as CGI. This vulnerability is a decade old. You should verify whether Metasploitable3 is vulnerable to this issue. You can You can This issue was abandoned more than 2 months ago. Closing. |
There was a bug in the |
This comment was marked as off-topic.
This comment was marked as off-topic.
Any info on this? I have the same problem. It feels like I have tried everything. Updated the meta, changed the network on the VB connection. Worked through alot of diffrent port but still i get the same result: msf6 exploit(multi/misc/java_rmi_server) > set LPORT 80 [] Started reverse TCP handler on 192.168.0.88:80 Active sessionsNo active sessions. |
Hello,
I am having a problem running a SQL injection against an outdated version of PHP. I am operating from a current Kali Linux with current MSF as opertational VM and a metasploitable3 as victim.
I am using the exploit
multi/http/php_cgi_arg_injection
.The VMs are mutually pingable. No AntiVir installed. Assigning the options and executing the injection:
After running the "run" command, the execution hangs for some time at
[*] Started reverse TCP handler on 192.168.0.23:4444
Since I don't get an error message, I don't think it's an exploit problem. I have now already tested a few systems.
The Google suggestions were also unsuccessful. This seems to happen more often. Does anyone have an idea?
Metasploit version
Framework: 6.2.31-dev on Kali 2022.04 (was already pre-installed)
Console : 6.2.31-dev
Additional Information
The exploitable VM is metasploitable3 (https://github.com/rapid7/metasploitable3) as .ova imported in Oracle VirtualBox
The text was updated successfully, but these errors were encountered: