Metasploit Exploits

a quick training session of google'fu lead me to this

Metasploit Tutorial

remember little grasshopper, practice the antique martial art of google'fu and you will succed :D

this is no way of spoonfeeding, just a way to open the OP's eyes on SEARCHING FOR INFO before you ask

Quote:

---

Originally Posted by Kriss128

Not a problem. To make metasploit alot easier db_autopwn which phoenix910 stated. it automates all the exploits and payloads that are related to the ports and services running on target machine. Theres a video of that on the link I posted. And for your ftp attempt it be of not been the exploit but the paylod you used so try some different ones.

---

This is also a untrue statement. Metasploits autopawn function only tries the generic shell reverse payload. It does not go through every payload assosiated with every exploit. Thorin said it best, the original poster has no idea about versions, vendors, patches, POC and all the other things that go along with this kind of reasearch. Your exploit, whatever it is has to match the port, The software, The operating system, The version of the software and the payload must be a conceivable one. Even after all that it may still not work. Thats the ropes find another way in.

Quote:

---

Originally Posted by thorin

1) It's a technical forum, you can't open with a statement which is blatantly and obviously incorrect and expect technical people to believe that you know what you're talking about.

2) Just because a port is open DOES NOT mean it is vulnerable.

3) Knowledge of Metasploit isn't the issue. Your inability to exploit an FTP service has nothing to do with your knowledge (or lack thereof) of Metasploit. It has to do with you not having done all the necessary steps to identify the service and potential exploits associated with that service. ie: Great port 21 is open. Is it ACTUALLY FTP or is it something on a non-standard port? What specific FTP server is running? What specific version? What operating system is it running on top of? Did you check Secunia/Mitre(CVE)/BugTraq/etc, or product Changelogs etc to see if that server (software) and version are vulnerable to anything? Does Metasploit or Milw0rm etc list any exploits/proof of concepts for what you've encountered.

4) "Similarly which is the best metasploit exploit for the following ports?" Is an invalid question. Because:
a) "Best" is qualitative not quantitative. Best for whom? Best to accomplish what?
b) The "best" exploit for a given services is dependent upon much more then an open port. As mentioned in #2 and #3 above it depends on actual software, version, OS, etc.

5) "Is there any reference/guide/tutorials regarding metasploit exploits." yes there are, try practice your google'fu.

---

Hah... owned!

Kriss128 I did look at that link and it was quite good. Now no more holding back, Primey I almost forgot that the best place is always google and far more reliable unlike small dicked wiseguys waiting to vent out their frustration on u and proving themselves Gurus(All known wise guy) by trying to put others down. (I've seen this many times on other posts as well and is this what they call helping someone). They think that I'm using an exploit that is meant for Vulnerable XP machine and I'm using it to exploit a machine that runs windows 2000 that has open FTP port(Example). LOLOL. There's no point in talking/arguing with a fool because firstly he will say he knows everything and he's right. Secondly he will bring you down to his level and finally beat you with his experience. Sayonara.

I hope they are patched and it doesn't let a script kiddie like you into thier system.

Quote:

---

Originally Posted by thorin

5) "Is there any reference/guide/tutorials regarding metasploit exploits." yes there are, try practicing your google'fu.

---

A big A-HA for moi !!! The 'fu is like Kung Fu....All this time I never really 'got it'... Wi-Fu, Google'fu... FU**in' A :D

Quote:

---

Originally Posted by playtowin

Kriss128 I did look at that link and it was quite good. Now no more holding back, Primey I almost forgot that the best place is always google and far more reliable unlike small dicked wiseguys waiting to vent out their frustration on u and proving themselves Gurus(All known wise guy) by trying to put others down. (I've seen this many times on other posts as well and is this what they call helping someone). They think that I'm using an exploit that is meant for Vulnerable XP machine and I'm using it to exploit a machine that runs windows 2000 that has open FTP port(Example). LOLOL. There's no point in talking/arguing with a fool because firstly he will say he knows everything and he's right. Secondly he will bring you down to his level and finally beat you with his experience. Sayonara.

---

I want every one to see this. This is a perfect example of a idiot. We have answered his question and pointed him in the right direction but the answer we gave was not what he expected. Its also obvious that this person is not involved in any sort of legitimate penetration testing. That Metasploit PDF is going to do you ZERO good with out some basic understanding of how a network works and what services do what. We are very sorry that the truth offended you and that our standard of helpfulness was not up to your expectations. We are really sorry that there is no big H4X0R it n0w button and some of this stuff requires work. The only reason you feel belittled by the comments directed at you is because you came to us with a question which was vague and had no more info to back it up.

EX. of a Lame question - Hey peeps wuz sup! I installed the backtrack and I cracked a wep key soooo... fast. Now I be doing some scanning and I seen some ports open like 445. What does dat mean? I seen in the milw0rm folder there was some 445 sploitz so I compiled them all and ran them all against the Box but I can't get no shell. Wuz up wit dat?

EX. of a correct and well thought out question - Hi guys, I'm a small business owner with a very small network and I am interested in see how secure I am. I have down loaded backtrack and read the guides which have led me to crack my WEP key rather quickly. I have now changed to WPA but now I am rather interested in taking the test a little further. I have completed some scans of my LAN with 3 different scanners and determined the operating systems running and the ports running. I have noticed that exploits are version specific and I was wondering how I can determine if a exploit will be successful. Thanks for your help.

I am far from a GURU here but I do know how to do my own research and ask a well thought out question. Once again we are very sorry to have offended you.

Cheers:)

And besides all of pureh@tes excellent points, I don't think that causing trouble is going to help you get along in this forum. We tried to help you, but the advice wasn't taken, and then you tried to pay us out with the following, which doesn't even make sense:

Quote:

---

Originally Posted by playtowin

They think that I'm using an exploit that is meant for Vulnerable XP machine and I'm using it to exploit a machine that runs windows 2000 that has open FTP port(Example). LOLOL.

---

If that is supposed to be a payout, what exactly are you saying?? Anyhow, next time, do your research, and accept that maybe you don't know everything, and maybe we don't either, but we took the time (our time) to help someone who was unsure about something, and the only thanks we get is a face full of "suck that losers - I know more than you". Have a nice day :)

-Stephen

Quote:

---

Originally Posted by pureh@te

EX. of a Lame question - Hey peeps wuz sup! I installed the backtrack and I cracked a wep key soooo... fast. Now I be doing some scanning and I seen some ports open like 445. What does dat mean? I seen in the milw0rm folder there was some 445 sploitz so I compiled them all and ran them all against the Box but I can't get no shell. Wuz up wit dat?

---

Sounds like a cousin I have :mad:

Well if anything positive has come from this thread, I can sleep @ night now knowing what the 'fu stands for in Google'fu / WiFu :D

Awww playtowin, I'm sorry you feel we've mistreated you. No one vented, no one put you down, we simply illustrated the errors in your plan. If realizing such errors exist presents some type of problem for you we're sorry but that's hardly our problem.

Quote:

---

Originally Posted by playtowin

They think that I'm using an exploit that is meant for Vulnerable XP machine

---

Where did anyone suggest that?

Quote:

---

and I'm using it to exploit a machine that runs windows 2000 that has open FTP port(Example). LOLOL.

---

You still haven't got the point, although you provided further information this time you're still missing important details. 1) Is it actually a FTP server? Or is it something running on a non-standard port. 2) What FTP server is running on that port (MSs? Serv-U? filezilla? etc)

swc666 you crack me up.

pureh@te masterfully said!