Metasploit-framework: BindFailed The address is already in use or unavailable if rebinding the address happens too quickly on Linux

you most likely have something already running on that port. Try running netstat and seeing what is already listening, maybe apache with ssl enabled? maybe another multi handler listening on the same port? The error is clear what the error is, I don't believe this is a bug.

lsof i :443

try 'jobs' to see if you have any listening jobs inside of Metasploit as well.

If it works 1/3rd of the time, could you post a little more context? Is this just you starting the listener over and over inside of msfconsole?

I tried this a lot on macOS and had no issues. Switched to Debian packages, and I do see what you are hitting. Just starting multi/handler over and over quickly doesn't release the socket fast enough:

msf exploit(multi/handler) > run

[*] Started HTTPS reverse handler on https://192.168.86.35:8443
^C[-] Exploit failed: Interrupt 
[*] Exploit completed, but no session was created.
msf exploit(multi/handler) > run

[-] Handler failed to bind to 192.168.86.35:8443
[-] Handler failed to bind to 0.0.0.0:8443
[-] Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:8443).
[*] Exploit completed, but no session was created.
msf exploit(multi/handler) > run
^[[A
[-] Handler failed to bind to 192.168.86.35:8443
[-] Handler failed to bind to 0.0.0.0:8443
[-] Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:8443).
[*] Exploit completed, but no session was created.
msf exploit(multi/handler) > run

[*] Started HTTPS reverse handler on https://192.168.86.35:8443
^C[-] Exploit failed: Interrupt 
[*] Exploit completed, but no session was created.

We may be missing a SO_REUSEADDR in the port bind that causes the OS to delay releasing the port, or some related issue that causes the bind to fail if the port is released too recently.

Seems you need about a 2 second delay before starting a new handler to avoid the problem on a recent Debian install.

SE notes on differences between SO_REUSEADDR on different OSes, and even Linux kernels:

https://stackoverflow.com/questions/14388706/socket-options-so-reuseaddr-and-so-reuseport-how-do-they-differ-do-they-mean-t

Adding the Linux-specific call:

sock.setsockopt(::Socket::SOL_SOCKET, ::Socket::SO_REUSEPORT, true)

in addition to SO_REUSEADDR in rex-socket-0.1.14/lib/rex/socket/comm/local.rb allows this to rebind readily on Linux too, though there could be some complications as Linux will try to do load-balancing if multiple sockets are still running.

busterb, thank you!

I thought that went upstream a while ago. My apologies, that's on me. I must have dropped it when the SSL client stuff or gemification pushes happened.

It's my first start today:

root@vKali:~# msfconsole -q -r unicorn/unicorn.rc 
find: unknown predicate `-y'
[*] Processing unicorn/unicorn.rc for ERB directives.
resource (unicorn/unicorn.rc)> use multi/handler
resource (unicorn/unicorn.rc)> set payload windows/meterpreter/reverse_https
payload => windows/meterpreter/reverse_https
resource (unicorn/unicorn.rc)> set LHOST 192.168.0.30
LHOST => 192.168.0.30
resource (unicorn/unicorn.rc)> set LPORT 443
LPORT => 443
resource (unicorn/unicorn.rc)> set ExitOnSession false
ExitOnSession => false
resource (unicorn/unicorn.rc)> set EnableStageEncoding true
EnableStageEncoding => true
resource (unicorn/unicorn.rc)> exploit -j
[*] Exploit running as background job 0.
msf exploit(multi/handler) > 
[-] Handler failed to bind to 192.168.0.30:443
[-] Handler failed to bind to 0.0.0.0:443
[-] Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:443).

msf exploit(multi/handler) > jobs 

Jobs
====

No active jobs.

msf exploit(multi/handler) > rexploit -j
[*] Stopping existing job...
[*] Reloading module...
[*] Exploit running as background job 1.

[*] Started HTTPS reverse handler on https://192.168.0.30:443
msf exploit(multi/handler) >

Me too have the same issue , i think its kinda related to kali 2018 maybe it got some bugs or something , cuse before i have updated my OS it was working verywell , Anyway i hope anyone answer this and ThankYou all

@GoXu0
I have tested in Debian 9, and i got the same error.

I'm having the same issue here with the listener failing to start. I'm running the latest version from git (msfupdate) and handlers fail to start at random.
This happens when I start msfconsole and have no services running on my host (ubuntu 16.04). Sometimes after multiple tries it will work, sometimes it won't. If it doesn't work netstat still shows that ruby is actually using the port. I'm using exploit/multi/handler as first thing when starting msfconsole, so it shouldn't be a problem with fast rebinds.
My colleague next to me has the exact same problem so it is unlikely to be something in my local setup.

Is there a solution to this issue, tried netstat, no running process on 4444. Jobs too.

With the new version, the problem disappeared.

i facing this problem in msf5, too

i having the same issue plez anyone solve it plzz

same issue some one help us please //=

Im having the same also, brandnew VPS just installed MSF using nightly installers and getting [-] Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:443) when I try and start the handler.

=[ metasploit v5.0.34-dev-

use multi/handler
set payload windows/meterpreter/reverse_https
set LHOST (Removed for reorting)
set LPORT 443
set ExitOnSession false
set AutoVerifySession false
set AutoSystemInfo false
set AutoLoadStdapi false
exploit -j

Trying rexploit -j

msf5 exploit(multi/handler) > rexploit -j
[] Stopping existing job...
[] Reloading module...
[] Exploit running as background job 1.
[] Exploit completed, but no session was created.

[-] Handler failed to bind to (Removed):443
[-] Handler failed to bind to 0.0.0.0:443
You can see MSF is the service using port 443

[*] exec: netstat -tulpn

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1598/sshd
tcp 0 0 (Removed):443 0.0.0.0:* LISTEN 2583/ruby

Try closing Burpsuite!!

how can we kill a bind address in metasploit guys,i eman how can we stop a tcp connection adn start another one ?

how can we kill a bind address in metasploit guys,i eman how can we stop a tcp connection adn start another one ?

List processes listening on port 1234: lsof -i :1234
Kill a process with process ID 5678: kill -9 5678

@busterb do you mind helping?
This is the error that I encounter:
msf5 exploit(apple_ios/browser/safari_libtiff) >
[-] Handler failed to bind to 1:8080:- -
How can I fix this?

@hokd2905 Please do not spam the same question across multiple posts. If you need help, please visit the support channel at http://metasploit.slack.com/. Questions here should only be in support of solving problems within the framework itself, not questions on how to use Metasploit itself, which are better answered in the Slack channel.