Hi folks
After the Shadow Brokers leaked NSA tools, I started to work around them and tried to find out what exactly the tools are doing and to fix vulnerable systems.
I’ve tested most of the exploits that are in FUZZBUNCH and others that could be found in the leaked data.
Now, I have been on EXPLODINGCAN for around 3 days and working on it. I got what it is, but HERE COMES THE PROBLEM.
Let me explain what I did:
Run FUZZBUNCH → set target host [external host] → set local [ddns address that routes traffic to us] → set redirection to NO → Use explodingcan → execute
After I did this, the module was executed and it gave me the below messages:
webdav is enabled
.
.
.
exploit complete
explodingcan succeeded
Connection to target established
waiting for next stage
Then I used the command "session" and there was the ready session that was connected to the target.
After some searching, I found an MSF module that can be used instead of EXPLODINGCAN at this LINK.
The readme file shows that after executing the module, MSF should send the stage to the target, but when I hit ENTER, nothing appears, just the output below:
[*] Started reverse TCP handler on 0.0.0.0:44446
[*] Exploit completed, but no session was created.
My questions:
- If the connection is established in FUZZBUNCH, why does the shell not exist?
- How can I get the shell from the session whose status is ready, in FUZZBUNCH? [As we know, when we have a session in MSF we can get the shell from it with the command "sessions -i “session_number”".]
- The EXPLODINGCAN module asks for "HOSTSTRING". What exactly is that? The IP address of Google is “216.58.206.14”, so if Google is our target, should the hoststring be google.com?
- In FUZZBUNCH - EXPLODINGCAN, what is the next stage after exploitation?