Handler failed to bind to X.X.X.X:XXXX

Hey there,
first time trying a machine (PermX) and I think I have a grasp of what I have to do, but I get the feeling that I have some sort of connection error. I think I am not allowed to go into much detail about what I have done, but I am at a point that I have access to a web shell over a web service running on that machine. But when I try that same exploit for getting a reverse shell (documentation says it is capable of doing so) I do not get an answer and yes, I opened the port beforehand with nc and have done everything like the documentation says, but it wasn’t working.
But since I had a working webshell I thought I could just write the command in the webshell to open a reverse tcp connection, opened a port for it, tried it with TCP, NC, PHP but none of them gave me a response.
So I switched to the metasploit framework, which has an exploit for the same CVE. Set all the Stuff but get the following error message:
"[-] Handler failed to bind to 10.0.3.15:443
[-] Handler failed to bind to 0.0.0.0:443
[-] Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:443).
"
I tried using as LHOST my eth0 IPv4 address as well as the IPv4 address of the VPN Gateway which is shown by HTB in the connections window but none of them worked. I am working on a virtual machine with a Kali Linux distribution. I tried using the ParrotOs from HTB but get the same error messages. I switched my Kali Linux VM from NAT to a Networkbridge, but then I don’t even get a IPv4 address on the adapter but just a IPv6 one.
I tried setting ReverseListenerBindAddress in Metasploit as well because someone wrote in some thread that this would help, but as far as I understand it, the “ReverseListenerBindAddress” attribute only changes that you don’t allow to revert to 0.0.0.0.
And honestly, I am just a bit lost right now and could need someone giving me little noob a helping hand.
If you need any more details, I would be pleased to provide them.
Thanks in advance.

1 Like

Hi,

why do you use eth*? Eth is an Ethernet (kinda physical) connection.
As far as I’ve seen, you should use “tun0” as the LHOST.
Furthemore, most of the HTB VPN IPs for the clients starts with 10.10... As far as what the subnet shows.

Oh my god, was I stupid. I had the VPN running over the Host machine and not the VM itself. I thought it would work 'cause the VM was using NAT and since the traffic travels over the Host itself I thought it would get translated.
Thank you very much.

1 Like