Thread: Win2k3 SP1 vs MetaSploit - How many exploits can you exploit?

  1. #1
    Junior Member IAMZOMBIE's Avatar
    Join Date
    Jan 2010
    Posts
    81

    Default Win2k3 SP1 vs MetaSploit - How many exploits can you exploit?

    I'm currently playing around with a Windows 2003 SP1 box. No further patches beyond SP1. No firewall.
    Using BackTrack 4, fully updated.
    It's weird, Nessus says there are 5 High Risk vulnerabilities (ms08-067, ms09-001, ms05-027, ms06-040, and ms06-035),
    but it seems like none of the exploits work, using either Metasploit manually or with Fast-Track.

    I'm wondering if anyone else has the same experience.
    Is Windows 2003 SP1 without any patches that safe?



    -Zombie

  2. #2
    bugger
    Guest

    Default Re: Win2k3 SP1 vs MetaSploit - How many exploits can you exploit?

    The ms08-067 exploit works fine, as well as most browser/client-sides. You will need to pick the target manually though (show targets, set TARGET X).

  3. #3
    Just burned his ISO
    Join Date
    Mar 2010
    Location
    /root
    Posts
    20

    Default Re: Win2k3 SP1 vs MetaSploit - How many exploits can you exploit?

    If you're looking to run exploits with metasploit, then I'd say scanning your box with NeXpose is a much more sensible choice, given the direct metasploit integration. Try it and see what you come up with.

  4. #4
    Just burned his ISO
    Join Date
    Apr 2010
    Posts
    11

    Default Re: Win2k3 SP1 vs MetaSploit - How many exploits can you exploit?

    Originally posted by Packet:
    If you're looking to run exploits with metasploit, then I'd say scanning your box with NeXpose is a much more sensible choice, given the direct metasploit integration. Try it and see what you come up with.
    NeXpose is just a vulnerability scanner, right? If Nessus is showing issues, but Metasploit doesn't have the exploits to attack the issues, then I don't think this would resolve the OP's problem. The OP needs better exploits than what Metasploit has.

  5. #5
    Just burned his ISO
    Join Date
    Mar 2009
    Posts
    17

    Default Re: Win2k3 SP1 vs MetaSploit - How many exploits can you exploit?

    Just making sure, you ARE using Framework3 right? And updated recently?

    Also (though I've only used Windows 2003 once), does it have DEP/ASLR? As far as I know metasploit doesn't usually have DEP/ASLR integrated into the exploits, so one of the two could be blocking it. Also, does Metasploit say the exploit failed, or will it not even send the exploit?

  6. #6
    Junior Member IAMZOMBIE's Avatar
    Join Date
    Jan 2010
    Posts
    81

    Default Re: Win2k3 SP1 vs MetaSploit - How many exploits can you exploit?

    Originally posted by Qsl1pKNOTP:
    Just making sure, you ARE using Framework3 right? And updated recently?

    Also (though I've only used Windows 2003 once), does it have DEP/ASLR? As far as I know metasploit doesn't usually have DEP/ASLR integrated into the exploits, so one of the two could be blocking it. Also, does Metasploit say the exploit failed, or will it not even send the exploit?
    Thanks for helping. Yeah, I have DEP off on the OS. I'm doing all of this inside VMware Workstation. I checked the BIOS on the VM target and there are no security options in the BIOS that I can see.

    I did exploit 08-067 using the exploitdb, but Metasploit dies and says it can't determine the language.
    This is its output:
    [*] Started reverse handler on 192.168.126.129:4444
    [*] Automatically detecting the target...
    [*] Fingerprint: Windows 2003 Service Pack 1 - lang:Unknown
    [*] Could not determine the exact language pack
    [*] Exploit completed, but no session was created.

  7. #7
    Just burned his ISO sql-inj's Avatar
    Join Date
    Mar 2010
    Posts
    23

    Default Re: Win2k3 SP1 vs MetaSploit - How many exploits can you exploit?

    As mentioned before, set the language manually if it can't be detected automatically.

    show targets
    set target x

  8. #8
    Just burned his ISO
    Join Date
    Jan 2010
    Location
    finally home :) working in town
    Posts
    11

    Default Re: Win2k3 SP1 vs MetaSploit - How many exploits can you exploit?

    Hey man, sometimes you have to play with the module options. For example, changing the SMBPIPE to SRVSVC with windows/ms08_067/netapi, I got a session. When it was set to BROWSER I got nothing. And if I recall correctly it gave me a language message as well when it was set to BROWSER. I am not trying to spoonfeed anyone, just promote tweaking and exploring the options.
