Viewing 15 posts - 1 through 15 (of 21 total)
  • Author
    Posts
  • #41314
    Avatararminius
    Participant

    Hello,

    So I was following the instructions from lession 17.7. It seems that in the post/windows/manage/autorun is not present.

    Metasploit Screenshot

    #41315
    Avatararminius
    Participant

    Screenshot

    Seems the screenshot didn’t upload properly, so here is a direct link.

    #41426
    diegodiego
    Moderator

    Hi Arminius!

    Once you are inside msfconsole you can use the command:
    search autoroute

    This will tell you the exact path to the module. Metasploit developer’s have moved it from the location showed in the course.

    Hope it helps!
    Diego

    #41503
    Avatararminius
    Participant

    Hi Diego,

    I found it and it did seem to work.

    However, now I’ve got a new issue: Screenshot

    I had forwarded the ports 4444 and 139 on my router. Still no effect.

    #41504
    Avatararminius
    Participant

    Perhaps this would help: Screenshot 2

    #41564
    diegodiego
    Moderator

    Hi Arminius!
    Your second link is not working.

    Can you show the results of:
    ifconfig and route -n in kali and metasploitable
    ipconfig in windows
    Can you share a screenshot of the Network settings used in VirtualBox for all the machines?

    Thanks!
    Diego

    #41577
    Avatararminius
    Participant

    Hi,

    That is quite strange.

    Here’s a screenshot of what you asked for.

    Screenshot

    #41625
    diegodiego
    Moderator

    Hi Arminius!
    The problem is that you are using bridged mode which is ro unreliable and more if you are attacking your host machine, also you won’t be able to pivot to metasploitable this way, you’ll need to use the 3 as virtual machines if you want to try this attack.

    Hope it helps!
    Diego

    #41638
    Avatararminius
    Participant

    Hi,

    So, the target machine is a remote machine, located on a completely separate network from mine. I am accessing the internet, to get to the target machine.
    Does this make any difference? If not, then I set them all to NAT Network?

    #41639
    Avatararminius
    Participant

    Also, just for information: the target machine is at our main office. I am working from my office, 30 mins away.

    #41663
    diegodiego
    Moderator

    Hi Arminius!
    Ok, so the attack can work even if the machine is outside the network but you’ll need to use a wireless adapter attached to kali and connected to your home router, then you’ll need to set the port forwarding rules, this is covered in Section 14 of the course. So the first step is to get a connection back from the victim machine, then you can try to pivot to any other machine. But I will suggest to try it in the virtual lab first, I mean in your host machine and kali and windows as virtual machines attaches to the same NAT Network.

    Hope it helps!
    Diego

    #41712
    Avatararminius
    Participant

    So how do I go about ‘attaching’ the adapter to kali? I am in the process of testing this over the virtual network. Already have my ports forwarded.

    #41727
    diegodiego
    Moderator

    Hi!
    Ok, so let’s solve 1 issue at a time, did you get a working backdoor using NAT Network?

    Let me know.
    Diego

    #41998
    Avatararminius
    Participant

    Hey,

    Yes I got a working backdoor using the NAT Network. I tried to run the script for pivoting and got this.

    #42035
    diegodiego
    Moderator

    Hi!
    Cool, it looks like the autoroute module worked.

    Can you show the results of:
    ifconfig and route -n in kali and metasploitable
    ipconfig in windows

    Thanks!
    Diego

Viewing 15 posts - 1 through 15 (of 21 total)
  • You must be logged in to reply to this topic.