Port Forwarding/Ip Routing

The metasploit autoroute function is not working. It’s giving me an error that it’s deprecated.

[!] Meterpreter scripts are deprecated. Try post/multi/manage/autoroute.
[!] Example: run post/multi/manage/autoroute OPTION=value [...]
[-] Could not execute autoroute: ArgumentError wrong number of arguments (given 2, expected 0..1)

newer version of metasploit doesn’t support metasploit scripts. hence the autoroute script wont work.
You should use the post/multi/manage/autoroute module to achieve the same objective.

Refer this link if you need a walk-through.


Not working

1 Like

Add the subnet without /24. Just provide 172.16.50.0
Verify the route with route command.

Same error as above. I did route in the meterpreter shell.
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default 172.16.37.1 0.0.0.0 UG 0 0 0 ens192
link-local * 255.255.0.0 U 1000 0 0 ens192
172.16.37.0 * 255.255.255.0 U 0 0 0 ens192
172.16.50.0 * 255.255.255.0 U 0 0 0 ens224

@jaa I tried ip route add 172.16.50.0/24 via 172.16.37.234
I got this ip route add 172.16.50.0/24 via 172.16.37.234 RTNETLINK answers: File exists

Hello @1sroyrdso-1aabdd8b79,

There are a few things here:

  1. Autoroute has the netmask option, so adding /24 to the IP it’s not necessary and will probably cause errors.

  2. I’d migrate to a different payload than php if you want to autoroute via a meterpreter session as they are less prone to errors. For example; upload a .elf meterpreter payload and execute it on the target host.

  3. RTNETLINK answers: File exists means you already have the route configured in your host. However, this won’t work if you want to pivot through this host as it’s not a router. You’d need to use auxiliary/server/socks_proxy metasploit module and proxychains.

Thanks

I’m also running into the same issue and am curious if a solution was found?

Hey,

So here is an answer:

You need to background your session and add a route in msfconsole.
route add x.x.x.0 255.255.255.0 1 (this is the session you want this to add to)
route list
You should see the route now.
Then go back into your session by:
sessions -i 1
Should work. Here is a video I was able to find explaining this. The video is a bit long but at 4-5 minutes is the explanation.

Hope this helps!!!

Cheers!

1 Like

That did it, thanks. I was trying to get autoroute to work but sometimes you just have to do things the hard way. haha

In which lab/blackbox is this? I did not see it yet… Okay the

ip route add ROUTETO via ROUTEFROM

command I saw, but nothing (yet) with metasploit or with pivoting from a machine to another in the eJPT course.
So I am wondering where I can practice this part.