Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Meterpreter 'shell' no such command #9101

Closed
2 tasks
rocket-pig opened this issue Oct 20, 2017 · 20 comments
Closed
2 tasks

Meterpreter 'shell' no such command #9101

rocket-pig opened this issue Oct 20, 2017 · 20 comments

Comments

@rocket-pig
Copy link

Steps to reproduce

Open a session, type 'shell': or 'load -l' ...nothing.

msf payload(reverse_tcp_uuid) > sessions -i 3
[*] Starting interaction with 3...

meterpreter > shell
[-] Unknown command: shell.
meterpreter > load -l

meterpreter >

System stuff

Metasploit version

e941677 Land #9100, typo fix for MS07-017 exploit

I installed Metasploit with:

I first had a apt-delivered install, and just did a source install hoping that this would fix it. Same, both ways.

OS

Ubuntu 7000
Ubuntu, the absolute latest.
@rocket-pig
Copy link
Author

...or did I miss something?? Was this feature randomly removed? I cannot find any documentation leading to how one drops to shell via a meterpreter session. Is it broken, or is this a 'feature'?

@wvu
Copy link
Contributor

wvu commented Oct 20, 2017

What Meterpreter are you using?

@rocket-pig
Copy link
Author

I'm sorry, theres an option? How do I determine that?

@wvu
Copy link
Contributor

wvu commented Oct 20, 2017 

wvu@kharak:~/metasploit-framework:master$ search reverse_tcp_uuid
./modules/payloads/stagers/linux/x86/reverse_tcp_uuid.rb
./modules/payloads/stagers/php/reverse_tcp_uuid.rb
./modules/payloads/stagers/python/reverse_tcp_uuid.rb
./modules/payloads/stagers/windows/reverse_tcp_uuid.rb
./modules/payloads/stagers/windows/x64/reverse_tcp_uuid.rb
wvu@kharak:~/metasploit-framework:master$

@rocket-pig
Copy link
Author

Maybe you meant which payload on the target? If so, its reverse tcp from an x86 linux host. Not sure if that's what youre asking

@wvu
Copy link
Contributor

wvu commented Oct 20, 2017

It is. Thanks.

@rocket-pig
Copy link
Author

Along with the sudden disappearance of the shell/sh/all other scripts, the session now endlessly drops and reconnects. This is just into a local virtual machine.

@rocket-pig
Copy link
Author

Infuriatingly, a reboot and it works....? No idea why that would be. Sorry to clutter up the issues channel..thanks for all your coding awesomeness .

msf > use exploit/multi/handler
msf exploit(handler) > use payload/linux/x86/meterpreter/reverse_tcp_uuid
msf payload(reverse_tcp_uuid) > set lhost 0.0.0.0
lhost => 0.0.0.0
msf payload(reverse_tcp_uuid) > set lport 9999
lport => 9999
msf payload(reverse_tcp_uuid) > to_handler
[*] Payload Handler Started as Job 0

[] Started reverse TCP handler on 0.0.0.0:9999
msf payload(reverse_tcp_uuid) > set [] Sending stage (826872 bytes) to 192.168.56.101
[] Meterpreter session 1 opened (192.168.56.1:9999 -> 192.168.56.101:48842) at 2017-10-19 23:01:31 -0700
msf payload(reverse_tcp_uuid) > sessions -i 1
[] Starting interaction with 1...

meterpreter > shell
Process 1754 created.
Channel 1 created.

@rocket-pig rocket-pig reopened this Oct 20, 2017
@rocket-pig
Copy link
Author

Well, not entirely. Maybe somebody will shed some light on how to fix 'load -l' displaying exactly nothing. There's 66 scripts in scripts/meterpreter. What's gone wrong here?

@wvu
Copy link
Contributor

wvu commented Oct 20, 2017
edited

load -l shows extensions that are loaded.

@wvu
Copy link
Contributor

wvu commented Oct 20, 2017

https://github.com/rapid7/metasploit-framework/wiki/How-to-get-started-with-writing-a-Meterpreter-script

@rocket-pig
Copy link
Author 

meterpreter > load
Usage: load ext1 ext2 ext3 ...

Loads a meterpreter extension module or modules.

OPTIONS:

    -h        Help menu.
    -l        List all available extensions

meterpreter > load -l

meterpreter >

..is what i get.

@wvu
Copy link
Contributor

wvu commented Oct 20, 2017

Right, those are extensions, not scripts.

@busterb
Copy link
Member

busterb commented Oct 20, 2017

There are no 'extensions' for linux meterpreter currently - it is all bundled in with the base payload, so 'load -l' being empty is correct. @pbarry-r7 should have that PR up soon.

@busterb
Copy link
Member

busterb commented Oct 20, 2017

Now, I'm not sure if tcp_uuid should work correctly - that needs some investigation.

@rocket-pig
Copy link
Author

Thanks, I understand better now.
Short version: if shell disappears, reboot.

@rocket-pig
Copy link
Author

thanks for actually knowing the answer to my question, random dude number two

@OJ
Copy link
Contributor

OJ commented Oct 23, 2017 via email

@wvu
Copy link
Contributor

wvu commented Oct 24, 2017

tl;dr It's potentially a regression, and rebooting is potentially just a coincidence. If that works for you, by all means continue doing it, but that doesn't resolve a systemic problem. Feel free to open a new ticket if you've determined that the UUID stagers are broken. Thanks for the report.

@wvu wvu closed this as completed Oct 24, 2017
@wvu
Copy link
Contributor

wvu commented Oct 24, 2017

It's working fine for me. Entirely possible it's an environmental problem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@OJ @busterb @wvu @rocket-pig