infinite random sessions opening #18395
Comments
|
Disclaimer: I'm making some guesses here, so I could be wrong. My guess is that you're opening a staged handler on a port that's getting information sent to it by something else. When a stager calls back to a staged handler, the handler assumes that it is the remote payload asking for the second stage of the payload, so it marks the session as started and sends the second stage. If ANYTHING connects to the reverse staged handler, the handler assumes the session has started and yeets the second stage. If you're using an exploit module that's not shown here, it is possible something is happening for it to call back and spawn multiple sessions like this, but from just what you've posted, my money is on something else hitting the listening port of the reverse staged handler you've started by invoking multi/handler. One way to see is to open up wireshark and see what's hitting the listening port on your loopback; another is to use |
|
They are all the same, just changing the Foreign Address port
|
|
I found the problem, I use ngrok and it is opening these sessions |
basically every time I open the exploit, it starts connecting to these sessions infinitely, I already have more than 500 sessions open, they open and close at the same time, I've tried restarting the console, I've tried restarting kali linux but every time When I open it, it keeps opening these sessions, and there is no device with the payload installed.
How do I stop this?
The text was updated successfully, but these errors were encountered: