Docker Community Forums

Share and learn in the Docker community.

Docker - Metasploit Exploitation not working

docker

(Epic771) #1

I’m using Metasploit Framework inside docker container.

Now, i’m tying to exploit a vulnerable web application using Metasploit Framework which is running inside the docker container. Vulnerable application is also running on the docker container. Both --net=host.

So whenever i’m tying to exploit that application i’m not receiving meterpreter shell.

Setup is:
Main Host IP Address:- 172.17.0.1.
Ubuntu Machine IP address:- 172.17.0.2 - Running a vunlerable app. [Docker Container]
Metasploit Machine IP Address:- 172.17.0.3 - Running Metasploit Framework. [Docker Container]

I can ping, I can see the open port, services etc…

I’m a student, looking for help.

I can grab the banner, port is open.

I’m doing something wrong here ?

PS:- I have also linked both the container but received same.

Please help me!

Thanks!


(Nathan Le Claire) #2

@epic771 Please post more detailed steps to reproduce or at least more log output if you want help. You say that you cannot get the meterpreter shell but aren’t explaining how you are trying to do so or the issue you are seeing when you do.


(Epic771) #3

Hi,

Thanks for the reply…

I have solved the problem.

Actually I can’t use reverse meterpreter shell. In lots of cases, and specially when we have host a vulnerable app on the docker container then you have to use bind TCP or any bind shell, I have to used bind TCP and It it worked.

Thanks!!