Home page logo

metasploit logo Metasploit mailing list archives

Re: Meterpreter Reverse HTTPS Issue
From: Florian Roth <Neo.X () web de>
Date: Sun, 16 May 2010 10:04:16 +0200

As you already noticed - I suppose the problem resides in the network or
transport layer as everything works out fine if you are on the same
network with the target machine. 

You should check with wireshark or tcpdump, if there is some network
activity - first on the target site and then at your attacker system. 

What I would expect to see is:
- DNS queries without valid response on the target system
- TCP resets coming form your router
- ICMP destination unreachable originating from a router 

So - install a wireshark on the target machine, start capturing and then
start your meterpreter payload. 


On Sat, 2010-05-15 at 18:27 -0500, mickylee () hushmail com wrote:
Hash: SHA1

I'm running a multi handler in msfconsole and having an issue with
meterpreter where it hangs on the following:

[*] Patching Target ID Vkev into DLL (obviously target id will be

I generated a meterpreter reverse https payload using msfpayload
and ran it on a target VM running Windows XP. After a while the
meterpreter process will finally just die on the target system.
Does anyone have an idea what would be causing this?

I only seem to notice this when I run the meterpreter executable in
my VM and I'm on a network other than my home network. In both
cases I have set LHOST to my routers external IP and LPORT to 443.
I am forwarding all traffic to a NAT host on my internal network.
As I said, it only seems to hang on that when I'm on someone else's
network, but never when I'm on my own.

Thanks for any ideas on what's causing this!
Charset: UTF8
Version: Hush 3.0
Note: This signature can be verified at https://www.hushtools.com/verify



Saludos cordiales
Mit freundlichen Grüßen
Florian Roth

Tel:    +49 06251 - 827 9402
Mobil:  +49 175 - 7240 363       
Fax:    +49 12125 - 11699510
eMail:  Florian.Roth () email de


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]