I have a lab I am dealing with and need help to get a meterpreter session on this win 7 system.

My buffer overflow works great back to the pivot box. However, since my attack box is not reachable from the subnet, I can't find a way to get the meterpreter session.

I tried adding a portfwd on the pivot, but when I then bg that process and try a multi/handler, the port is in use. No joy. Next I tried to open a nc listener on the pivot and got the Win7 shell. Awesome, the bof works great, but I can't break out of that and create a meterpreter session out of it.

The Win7 is mostly bare, with no apps or tools and nothing basic to upload a tool (nc, wget, powershell, etc.). However, to pivot from this box, having a meterpreter session would be the way to go.

Any ideas, tips, or articles to share?

schroeder
Tom
  • Any reason you can't just use a bind shell and connect to it from the pivot or via the pivot socks proxy? It's a lot less complex – wireghoul Feb 15 '22 at 23:47
  • I can connect from the pivot, but I guess I have to autoroute to the other subnet and establish another socks? – Tom Feb 16 '22 at 14:05

0 Answers