mailing list archives
Re: meterpreter flaky
From: Matt Gardenghi <mtgarden () gmail com>
Date: Wed, 5 Dec 2012 06:46:09 -0500
As I recall metsvc is depreciated. Try "run persistence" instead.
On Dec 5, 2012, at 6:39, k41zen <k41zen () me com> wrote:
Grateful for any help someone can offer on this please.
I've successfully got a meterpreter/metsvc_bind_tcp service running on a Windows7 host, however, I can rarely
interact with the session. AV and the FW are disabled. When I connect and execute commands such as ls and ps I
receive the error "Unknown Command".
Sometimes when I connect, the metsvc-server.exe crashes. Restarting the metsvc service on the target and reconnecting
doesn't seem to make a difference. Rebooting the target and starting my msfconsole session from scratch makes little
difference too. Uninstalling the service with "metsvc remove-service" and re-installing with "metsvc install-service"
makes also no difference.
I tried something completely different last night and created a new payload via a USB stick and executed that. This
gave me a meterpreter/reverse_tcp shell and through that I was then able to install the service again using "run
metsvc". I instantly connected and could interact with the session without issue. However I came in this morning and
have exactly the same issues of "Unknown command".
Can anyone help?