Exploit completed, but no session was created

sj0b70d0 · June 1, 2025, 6:57am

When I am trying to use xoda exploit on the target machine as part of the ctf, the following error is showing up:

exploit(unix/webapp/xoda_file_upload)

[] Started reverse TCP handler on 10.2.8.23:4444
[] Sending PHP payload (wPRDKmiDmRJ.php)
[] Executing PHP payload (wPRDKmiDmRJ.php)
[] Exploit completed, but no session was created.

Looking at google, I have already tried disabling Defender Firewall and Threat Protection. However, the error persists. Is someone facing the same issue, if so, how did you overcome this?

karthikkb15-d5113892 · June 19, 2025, 8:05am

same here, any solutions so far, tried the ufw disabling but still produces the same output, exploit completed but no session created .

prezj1-2a4345b109534 · August 29, 2025, 5:14pm

You need to update the LHOST to the ip on your machine. You need to use the eth1 inet. This worked for me.

Hope this helps

Topic		Replies	Views
Metasploit lab: “Exploit completed, but no session was created” Penetration Testing Student (SP) red , lab , metasploit , ejpt , pts	8	4368	November 28, 2021
Session closed too fast Penetration Testing Professional red	1	300	September 19, 2021
Issue with ine lab Penetration Testing Student (SP) red , security , lab	0	5	August 28, 2025
Black-box Penetration Test 1: unable to initiate background session Penetration Testing Student (SP) red , lab , cybersec	1	365	March 3, 2022
Dll hijacking lab command error Penetration Testing Professional red , lab	32	415	October 22, 2021

Exploit completed, but no session was created

Related topics