Results 1 to 7 of 7

Thread: Problems with my test machine

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    19

    Default Problems with my test machine

    Hey guys.
    I just tried to get into my test-machine. (win2k SP4)

    I trid to get into it via Metasploit. I chose the RPC Dcom Buffer overflow. But everything I try I get this:

    Code:
    [*] Started reverse handler on 192.168.100.58:4444[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...[*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.100.24[135] ...[*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.100.24[135] ...[*] Sending exploit ...[*] Exploit completed, but no session was created.
    Why is there never a session created?
    Thanks

  2. #2
    Member
    Join Date
    Feb 2010
    Posts
    75

    Default Re: Problems with my test machine

    not vunerable,read up about the exploits your trying to use and how they work.
    info <exploit>

  3. #3
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    19

    Default Re: Problems with my test machine

    Quote Originally Posted by pieface View Post
    not vunerable,read up about the exploits your trying to use and how they work.
    info <exploit>
    Sure?
    I thought that it must have been vulnerable to this. It was a Win 2k SP4 machine. It has to be vulnerable to nearly all the RPC exploits.

    So if you are right:
    could you suggest another one? (I mean another exploit, that may work.)

    Thanks a lot.

  4. #4
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: Problems with my test machine

    A better idea is you find out what services are running on the target and then you look for exploits against those services. Since the target is yours you will be able to find this info in several ways.

  5. #5
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    19

    Default Re: Problems with my test machine

    Of course it would be easy to do that but I was looking for some way to get the information without getting to the machine in physical ways cause this would have nothin to do with reality.
    I found some ports open with nmap and I tried nexpose but with no result.
    nmap showed me msrpc on 135 and 445 open also 1037 for unknown and 2002 for global...

  6. #6
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Default Re: Problems with my test machine

    Obviously you did not understand me completely. Let me try again. You must become one with the machine. NO wait. When you find a machine ( in your case the windows box) you then need to use a tool to determine what services (and as much info about said service) are running on the machine. Using nmap is one way of getting this info. There are others (which is why I stated the above). Once you have this info on the running services then you can look for vulnerabilities against those services.
    I would suggest you take a look at Penetration Testing Methodologies. Which one doesn't matter since the steps/procedures are pretty much the same.

Similar Threads

  1. Test Server?
    By gn0xter in forum Beginners Forum
    Replies: 5
    Last Post: 02-08-2010, 10:21 PM
  2. home network security pen test
    By cale_doses in forum Beginners Forum
    Replies: 4
    Last Post: 02-05-2010, 10:42 AM
  3. Test network suggestions
    By A Student in forum Beginners Forum
    Replies: 1
    Last Post: 02-04-2010, 06:15 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •