Thread: Metasploit and Windows XP SP3

  1. #1
    Junior Member kdiggity317's Avatar
    Join Date
    Aug 2008
    Posts
    70

    Default Metasploit and Windows XP SP3

    I have what I would think to be a simple question. I'm wondering if anyone has an exploit that is known working on a Windows XP SP3 box. I'm kinda new to Metasploit and have been doing a lot of reading in the Metasploit toolkit book, and all my computers are up to SP3. I could get a HD from work and install a non-patched XP and dual boot it with a 2000 box or maybe even as far back as 95 or 98. I would rather find something that will work on XP SP3 if anyone knows of anything. I have tried a few exploits but they all say denied.

  2. #2
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    I believe the ms-068 exploit will work if file and printer sharing is on. There is also a newer IE7 exploit that works on a fully patched system, although if you have updated in the last week or so it may have been patched. Check milw0rm for that one. Our fearless 1/3 leader muts wrote a sploit for it.

  3. #3
    Junior Member kdiggity317's Avatar
    Join Date
    Aug 2008
    Posts
    70

    Default

    Okay great, I will check it when I get home and give it all a good testing. I really do hope it works, cuz after trying so many exploits and still not getting anything other than denied, it gets a bit trying on me.

  4. #4
    Just burned his ISO
    Join Date
    Dec 2008
    Posts
    2

    Default

    I get the same problems too when I try the ms08 067 exploit.
    I do make a connection but then I get
    Exploit completed, but no session was created.

    The only exploit I've managed to do is on Win XP SP2
    and it was the real vnc 41 bypass

  5. #5

    Default

    Quote: Originally Posted by crazyfrog
    I get the same problems too when I try the ms08 067 exploit.
    I do make a connection but then I get
    Exploit completed, but no session was created.

    The only exploit I've managed to do is on Win XP SP2
    and it was the real vnc 41 bypass

    What kind of payload are you using? If you are using some kind of listening bind_shell payload, the firewall may be blocking incoming connections. Try a reverse tcp shell and see if the target can call out. If you are trying some fancy payload, drop back to the basics (reverse_tcp or shell_bind_tcp) first.

    Very few, if any, exploits are guaranteed to work 100% of the time either. You may need to try 2 or 3 times.

    Also, keep in mind, some of these exploits are 1 shot (or just a couple shot) deals and after that, the stack they are affecting is so screwed up, it dies.

    Run the exploit a couple times, if it doesn't work after that, reboot, and try again with different options.

  6. #6
    Junior Member
    Join Date
    Sep 2008
    Posts
    32

    Default

    Another quick, semi-related noobish metasploit question.. when using autopwn, is there a way to see which exploit was successful in opening up a session? I've done a bit of reading and poking around in the console, but can't seem to figure it out, short of going through the list manually after getting the notice that it was successful.

    -- Tom

  7. #7
    Member hawaii67's Avatar
    Join Date
    Feb 2006
    Posts
    318

    Default

    You can use:

    sessions -l -v

    Don't eat yellow snow :rolleyes:

  8. #8
    Junior Member
    Join Date
    Sep 2008
    Posts
    32

    Default

    Thanks for that.. it was embarrassingly simple, but I hadn't come across it (or at least remembered it at the time)

    -- Tom

  9. #9
    Good friend of the forums
    Join Date
    Feb 2010
    Posts
    328

    Default

    metasploit / autopwn portable :P

    http://rapidshare.com/files/16118073...itPortable.exe

    also search my other post for SMB_RELAY attack and 301 redirect of EXE's :P
