Skip to main content

Meterpreter Session Time out

·2 mins
OffensiveSecurity MetaSploit Meterpreter
Table of Contents

A year ago while testing a https reverse meterpreter shell after a 15 or 30 minutes the meterpreter session would die. After investigating I ensured my reverse payload was not been dectected by the anti-virus, but the issue persisted

I tried the TCP Meterpreter Shell and that resolved the issue, could be the related to network conditions affecting the HTTPS connection as a result the payload wasn’t a good fit for that environment

Leason learned if a specific payload doesn’t work, try a different one

But this issue lead me to further investigate and see what could be on my control to improve the connection and I found I could set the following parameters for the meterpreter sessions

  • Comm Timeout (Communication timeout)
  • Retry Total Time
  • Retry Wait Time

You will have to experiment with the values until you reach the one that best suitable for the network environment I recommend to use Only if you already have attempted to change payloads and you still have issues

The command #

    set_timeouts -x 0 -c 100000 -w 2500 -t 100000

Flag and meaning #

  • The -x stands for Expiration Timeout
  • The -c stands for Communication Timeout
  • The -w stands for Retry Wait Time
  • the -t stands for Retry Total Time

To view the results of newly configured settings run the following command #

    get_timeouts

Reference: Metasploit Timeout control