
Thread: Playing with ms08_067

  1. #31
    Junior Member Tr00g33k's Avatar
    Join Date
    Jul 2008
    Posts
    46

    Default

    OK, I have one weird problem. I get the message
    Exploit sent to target successfully
    Telnet to port 4444 on target machine
    And when I try to telnet: connection refused. Any idea?

    Tr00G33k

    and if i use metasploit:

    msf exploit(ms08_067_netapi) > exploit
    [*] Started reverse handler
    [*] Automatically detecting the target...
    [*] Fingerprint: Windows XP Service Pack 3 - lang:English
    [*] Selected Target: Windows XP SP3 English (NX)
    [*] Triggering the vulnerability...
    [*] Exploit completed, but no session was created.
    msf exploit(ms08_067_netapi) >

  2. #32

    Default

    What kind of payload are you using? If it is a simple tcp_backdoor then on the box you just exploited, open a cmd shell, run netstat -an and if you see TCP/4444 listening, then the problem is probably firewall related.

    If you are using a reverse_tcp_backdoor, then my guess is that the victim is not allowing the backdoor to install/execute. Try a different payload.

    Since you provided no information about your network or victim host setup, this is all I can think of.

  3. #33
    Just burned his ISO
    Join Date
    Sep 2007
    Posts
    1

    Default

    I saw this happening also. For my situation, the McAfee AV was preventing the execution of the exploit (buffer overflow protection). If I disabled the AV, it worked fine.

  4. #34
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Quote Originally Posted by stevensmd
    I saw this happening also. For my situation, the McAfee AV was preventing the execution of the exploit (buffer overflow protection). If I disabled the AV, it worked fine.
    Well, the exploit is a little old now, so of course most major AVs will pick it up. That's its job.

  5. #35
    Just burned his ISO
    Join Date
    Jan 2009
    Posts
    3

    Default

    Hi There!

    I was just reading about metasploit and I found this link... I was trying it out with my home network and I can't seem to make it work.

    I got this message:

    bt nmap-smb # nmap -T insane --script smb-check-vulns.nse -p 445 192.168.25.0/24

    Starting Nmap 4.60 ( http://nmap.org ) at 2009-02-24 18:48 GMT
    Warning: File ./nmap-services exists, but Nmap is using /usr/local/share/nmap/nmap-services for security and consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too).
    LUA INTERPRETER in nse_init.cc:763: ./scripts/smb-check-vulns.nse:64: module 'msrpc' not found:
    no field package.preload['msrpc']
    no file '/usr/local/share/nmap/nselib/msrpc.lua'
    no file './msrpc.lua'
    no file '/usr/local/share/lua/5.1/msrpc.lua'
    no file '/usr/local/share/lua/5.1/msrpc/init.lua'
    no file '/usr/local/lib/lua/5.1/msrpc.lua'
    no file '/usr/local/lib/lua/5.1/msrpc/init.lua'
    no file '/usr/local/libexec/nmap/nselib-bin/msrpc.so'
    no file './msrpc.so'
    no file '/usr/local/lib/lua/5.1/msrpc.so'
    no file '/usr/local/lib/lua/5.1/loadall.so'
    SCRIPT ENGINE: Aborting script scan.
    Interesting ports on 192.168.25.25:
    PORT STATE SERVICE
    445/tcp closed microsoft-ds
    MAC Address: 00:0F:66:47:A5:62

    I'm running BackTrack on a USB. Any ideas or hints?

    Thanks in advance.

  6. #36
    Junior Member
    Join Date
    Jan 2010
    Posts
    42

    Default

    Quote Originally Posted by ghafud
    Hi There!

    I was just reading about metasploit and I found this link... I was trying it out with my home network and I can't seem to make it work.

    I got this message:

    bt nmap-smb # nmap -T insane --script smb-check-vulns.nse -p 445 192.168.25.0/24

    Starting Nmap 4.60 ( http://nmap.org ) at 2009-02-24 18:48 GMT
    Warning: File ./nmap-services exists, but Nmap is using /usr/local/share/nmap/nmap-services for security and consistency reasons. set NMAPDIR=. to give priority to files in your local directory (may affect the other data files too).
    LUA INTERPRETER in nse_init.cc:763: ./scripts/smb-check-vulns.nse:64: module 'msrpc' not found:
    no field package.preload['msrpc']
    no file '/usr/local/share/nmap/nselib/msrpc.lua'
    no file './msrpc.lua'
    no file '/usr/local/share/lua/5.1/msrpc.lua'
    no file '/usr/local/share/lua/5.1/msrpc/init.lua'
    no file '/usr/local/lib/lua/5.1/msrpc.lua'
    no file '/usr/local/lib/lua/5.1/msrpc/init.lua'
    no file '/usr/local/libexec/nmap/nselib-bin/msrpc.so'
    no file './msrpc.so'
    no file '/usr/local/lib/lua/5.1/msrpc.so'
    no file '/usr/local/lib/lua/5.1/loadall.so'
    SCRIPT ENGINE: Aborting script scan.
    Interesting ports on 192.168.25.25:
    PORT STATE SERVICE
    445/tcp closed microsoft-ds
    MAC Address: 00:0F:66:47:A5:62

    I'm running BackTrack on a USB. Any ideas or hints?

    Thanks in advance.
    It looks like the part in red shows the problem.

  7. #37
    Just burned his ISO
    Join Date
    Jan 2009
    Posts
    3

    Default

    Thanks for the reply...

    From what I understand, I need to edit nmap's configuration to use the one that I've downloaded, right?

    I need to use NMAPDIR=(path of the directory)

    And is it the nmap_config.h that I need to edit?

    Sorry, I'm just starting out with Linux and I have very little knowledge of programming, but I'm starting to read a lot about those things.

  8. #38
    Junior Member
    Join Date
    Jan 2010
    Posts
    42

    Default

    Well, I'm a n00b too, but...
    AFAICS you're not using the same nmap version as I have (you're on 4.60 while mine is 4.76)... try updating everything using fast-track or slapt-get.
    Or maybe you only need to update your nmap scripts by following to the ground the instructions at the beginning of this topic...
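
The "module 'msrpc' not found" error quoted earlier in the thread means the script's require cannot be resolved in the nselib directory Nmap is searching. The following is an added example, not part of any post in this thread, that lists the modules an NSE script requires but that have no .lua file in a given nselib directory. The function names and the NSE_BUILTIN list are assumptions made for this example.

```shell
#!/bin/sh
# Added example: report Lua modules an NSE script requires that have
# no .lua file in a given nselib directory.
# Assumption: these modules are compiled into the nmap binary and so
# have no file in nselib; adjust the list for your build.
NSE_BUILTIN="nmap bit bin pcre openssl hash"

# nse_required_modules SCRIPT -> one required module name per line
nse_required_modules() {
    # Drop whole-line Lua comments, then extract the quoted name from
    # require 'x', require "x" and require("x").
    grep -v '^[[:space:]]*--' "$1" |
        sed -n "s/.*require[[:space:]]*(*[[:space:]]*[\"']\([A-Za-z0-9_]*\)[\"'].*/\1/p" |
        sort -u
}

# nse_missing_modules SCRIPT NSELIB_DIR -> modules with no .lua file
nse_missing_modules() {
    nse_required_modules "$1" | while read -r mod; do
        case " $NSE_BUILTIN " in *" $mod "*) continue ;; esac
        [ -f "$2/$mod.lua" ] || echo "$mod"
    done
}

# Constructed sample: a script requiring three modules and an nselib
# directory that lacks msrpc.lua, as in the error log in this thread.
nse_demo() {
    d=$(mktemp -d) || return 1
    mkdir "$d/nselib"
    printf '%s\n' "require 'msrpc'" 'require "smb"' "require 'nmap'" \
        "-- require 'unused'" > "$d/check.nse"
    : > "$d/nselib/smb.lua"
    nse_missing_modules "$d/check.nse" "$d/nselib"
    rm -rf "$d"
}

# Against the paths shown in the error output, the call would be:
#   nse_missing_modules /usr/local/share/nmap/scripts/smb-check-vulns.nse \
#       /usr/local/share/nmap/nselib
```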

  9. #39
    Just burned his ISO
    Join Date
    Jan 2009
    Posts
    3

    Default

    Hi again...

    After updating Nmap to version 4.76, I followed the steps at the beginning of the tutorial, but I ran into another problem.

    bt ~ # nmap -T insane --script smb-check-vulns.nse -p 445 119.94.57.0/24

    Starting Nmap 4.76 ( http://nmap.org ) at 2009-02-26 16:36 GMT
    SCRIPT ENGINE: '/usr/local/share/nmap/scripts/smb-check-vulns.nse' threw a run time error and could not be loaded.

    By the way, I appreciate the help, Chobin73... thanks.

  10. #40
    Just burned his ISO
    Join Date
    Dec 2007
    Posts
    9

    Default

    Code:
    osscan2.cc:2413: error: 'crc32' was not declared in this scope
