I recently successfully uploaded an msfvenom binary payload into a Windows Server 2008 VM.

My netcat listener displays the following message:

`connect to [lhost ip] from (UNKNOWN) [rhost ip] 49155`

which means it is connected.

But when I run commands such as `dir` it doesn't output anything. What do you think is the problem?

schroeder

1 Answer

I solved it by generating a different payload.

Payload that didn't work: `/windows/x64/shell/reverse_tcp`

Payload that worked: `/windows/x64/shell_reverse_tcp` (and adding some flags `-e x64/xor -i 5`)

schroeder

If I remember correctly, there are 2 different kinds of payload in msf: staged and non-staged. Payloads in the form `shell/reverse_tcp` are staged payloads and the ones in the form `shell_reverse_tcp` are not. Staged payloads are smaller in size, but after the connection the second stage has to be sent to the victim. The non-staged payloads are bigger but "all in one". That would be why a staged payload isn't working with nc as a receiver: nc is not sending the second stage. – Scaum Mar 06 '20 at 15:39