You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I am trying to use Caldera alongside Metasploit to achieve lateral movement on a Linux target host, I've managed to get a Metasploit one line command to achieve a reverse shell and run a sandcat agent on the target host. This is the command I've been using that works through the terminal:
Bug Description
Whenever I attempt to run this through the Caldera web server using a sandcat agent I either get an "stty: 'standard input': Inappropriate ioctl for device" error or the command actually goes through and starts the sandcat agent on the target host but is short lived as a result of the process being killed due to a timeout. I've attempted to mitigate the second issue by running the agent in the background using an & but the process still gets killed anyway. Is there anyway I can have the sandcat agent persist on the target host without worrying about the command timing out? (Screenshots of the errors are below in the Screenshot section)
To Reproduce
Steps to reproduce the behavior:
Run an instance of Caldera on an attacking Linux host with Metasploit installed, and using a sandcat agent I load the Metasploit abilities onto Caldera using the access plugin
I generate an adversary consisting of the reverse shell exploit I'm using, I update the command to the one above and hardcode the target hosts IP into the command for testing purposes
I run the operation using the adversary I just generated through the sandcat agent, the reverse shell is achieved and the sandcat agent is briefly started just to be killed due to timeout or the "stty: 'standard input': Inappropriate ioctl for device" error.
Expected behavior
I am wanting the command to be considered successful by the operation status, and the sandcat agent to persist on the target host without the process being killed.
Screenshots
Desktop:
OS: Ubuntu 18.04
Browser: Chromium
The text was updated successfully, but these errors were encountered:
Looks like your first issue -- we aim to respond to issues as quickly as possible. In the meantime, check out our documentation here: http://caldera.readthedocs.io/
@NoorElAlfi Apologies for late response. TLDR - Im not the right person for looking into this issue. Im going to have to see if any on the team has messed with Metasploit integrations recently.
Thanks a lot for your help. I work closely with Noor on cybersecurity research. This tool is wonderful; but without metasploit properly working, we cannot find another approach for lateral movement through exploits.. Thanks in advance.
Hello,
I am trying to use Caldera alongside Metasploit to achieve lateral movement on a Linux target host, I've managed to get a Metasploit one line command to achieve a reverse shell and run a sandcat agent on the target host. This is the command I've been using that works through the terminal:
Bug Description
Whenever I attempt to run this through the Caldera web server using a sandcat agent I either get an "stty: 'standard input': Inappropriate ioctl for device" error or the command actually goes through and starts the sandcat agent on the target host but is short lived as a result of the process being killed due to a timeout. I've attempted to mitigate the second issue by running the agent in the background using an & but the process still gets killed anyway. Is there anyway I can have the sandcat agent persist on the target host without worrying about the command timing out? (Screenshots of the errors are below in the Screenshot section)
To Reproduce
Steps to reproduce the behavior:
Expected behavior
I am wanting the command to be considered successful by the operation status, and the sandcat agent to persist on the target host without the process being killed.
Screenshots
Desktop:
The text was updated successfully, but these errors were encountered: