Results 1 to 7 of 7

Thread: XP - SP3 and windows firewall

Threaded View

  1. #1
    Just burned his ISO
    Join Date
    May 2010
    Location
    lost in a digital age
    Posts
    7

    Default XP - SP3 and windows firewall

    Hi guys, fairly new to this specific linux distro but have used Jaunty quite a bit in the past. I've been having fun reading in this forum for the last week or so.

    Anyway, getting to the point quickly, a couple of friends and I pulled out our old junker laptops or desktops, installed backtrack to the hard drive in a dual boot config, and agreed that we would pentest each other (only rule is no personal emails... but we can leave awkward comments on each other's facebook or myspace wall if we so desire ) . In the process of learning, we decided instead of rolling with the WINE VM XP SP2 set up, we'd have XP with SP3 (although one machine has Vista Home) and windows fire wall turned on in a dual boot system on our new backtrack machines. The goal, try and hack/crack each other as we're learn by doing kind of people.

    That said, I'm running through this to try the test with metasploit -
    Metasploit Unleashed - Mastering the Framework

    There's one problem I'm seeing here -

    Setting up your Windows XP SP2

    For this section we will download our target VM and use Wine to run a windows application known as WinRAR. This application will aid us in extracting the target VM from a split zip file. We encourage you to verify the integrity of the files to ensure you will have successful results. The process is very simple to do since back|track4 has the necessary applications to do this.
    Source: Windows XP SP2, section 2 on metasploit unleashed

    When I run through the metasploit tuts, I get the following when my friends or myself open the files -

    [*] Handler failed to bind to 192.168.1.6 binding to 0.0.0.0
    [*] Started reverse handler
    [*] Starting the payload handler...
    Would the following be why my meterpreter/reverse_tcp isn't working and freezes up at the payload handler -

    1. It's the XP SP3 that's causing the meterpreter/reverse_tcp to hang up as it should be SP2
    2. It could be the windows or perhaps router firewall getting in my way
    3. A combo of both?


    I figured it's either that the 3 of us on our tester machines are running XP SP3 or Vista Home (no idea what SP my friend has there as I despise Vista with a passion) or the windows/router firewall, as it will filter network traffic and it may be filtering out my reverse_tcp. However I'm new to metasploit and reading and testing so I figured I'd leave it up to the pro's.

    Thanks guys.

    Ok, I just tried the meterpreter/reverse_tcp pdf exploit on a vista machine... no dice. It always seems to keep freezing up at the payload handler stage. We turned off vista's firewall and AV for this test and still got blocked. Time to try it on the SP3 with the same set (no firewall, no AV). In the mean time I'm thinking the following for the vista test -

    1. Even though the exploit in the pdf section of the metasploit section says it got in a vista machine, this kind of exploit may not be designed for vista.

    or...

    2. I got something wrong with my routing and networking.

    Back to the experimentation.
    Last edited by Archangel-Amael; 05-17-2010 at 10:20 AM.

Similar Threads

  1. Windows Vista Stock Firewall
    By DarkFuds in forum OLD General IT Discussion
    Replies: 3
    Last Post: 10-15-2008, 12:29 PM
  2. firewall
    By ontherooftop in forum OLD Newbie Area
    Replies: 12
    Last Post: 06-19-2008, 09:48 AM
  3. Turned Windows Firewall off, now what?
    By abitaz in forum OLD Pentesting
    Replies: 28
    Last Post: 04-16-2008, 07:25 AM
  4. Windows firewall software opinions plz....
    By imported_wyze in forum OLD General IT Discussion
    Replies: 17
    Last Post: 11-27-2007, 08:57 PM
  5. Firewall
    By digiuk in forum OLD Newbie Area
    Replies: 16
    Last Post: 07-19-2007, 09:27 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •