
Thread: Need advice on a basic exploit of unpatched XPSP2 VM

  1. #1
    Just burned his ISO
    Join Date
    Jan 2011
    Posts
    10

    Need advice on a basic exploit of unpatched XPSP2 VM

    Hi Guys

    This is my first post apart from my Hello post. I've set up VirtualBox with BT and XPSP2 (unpatched). I'm attempting to do what I assume most will class as a basic exploit. I've tried numerous things to do this and read and watched many articles and videos.

    I've used Nessus to scan for vulns and dragged them through into a MySQL database. I've then checked for vulns in the report, which states around 20. I've tried running autopwn on this host and, depending on the switches used, it either throws 2 or 3 exploits at it or about 300 odd (I'm still unsure why it does this). Also, when I use the -t switch it doesn't say it's vulnerable to any exploits.

    After this I tried the MS08-067 exploit, manually setting hosts and the meterpreter reverse tcp payload, but this will also fail. Then I'll get the generic host failure on the XP box and have to reboot it before trying again.

    I've been at this for a few days, so I've not just got bored and posted expecting someone to show me :-)

    Can anyone give me some pointers on what I should be doing? I don't want to go any further until I can do this basic example.

    Cheers

  2. #2
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Re: Need advice on a basic exploit of unpatched XPSP2 VM

    Quote: Originally Posted by OBJBOX35
    I've been at this for a few days, so I've not just got bored and posted expecting someone to show me :-)
    I hope you have prepared yourself for disappointment, because it's pretty unlikely that this will happen at this forum.

    There are any number of possible reasons why an exploit could fail and you haven't really eliminated any of them in your post - this is what you need to do in order to get good help.

    My standard response to anyone who can't make Metasploit work is that they should understand how exploits work first, so that they know the limitations of exploits and so that they can troubleshoot any problems. I have written a number of exploit tutorials you can use for this, and you can find the links from our HowTo forum. Checking out Metasploit Unleashed would also be a good idea.
    Last edited by lupin; 01-20-2011 at 12:13 PM.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  3. #3
    Junior Member
    Join Date
    Jan 2010
    Posts
    35

    Re: Need advice on a basic exploit of unpatched XPSP2 VM

    Something that helped me out when I was trying to figure out exploitation was picking a vulnerability and researching what it is and why it works before trying to use it in Metasploit. Security Focus and the comments in the source code of the msf module were very helpful.

    If you have the cash and time I would recommend the offsec course. I'm taking it right now and it is great... probably the best bang for the buck I've ever come across in training.

  4. #4
    Just burned his ISO
    Join Date
    Jan 2011
    Posts
    10

    Re: Need advice on a basic exploit of unpatched XPSP2 VM

    Quote: Originally Posted by lupin
    I hope you have prepared yourself for disappointment, because it's pretty unlikely that this will happen at this forum.
    lol if you have a look again that's what I didn't expect :-)

  5. #5
    Super Moderator Archangel-Amael's Avatar
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Re: Need advice on a basic exploit of unpatched XPSP2 VM

    Quote: Originally Posted by OBJBOX35
    lol if you have a look again that's what I didn't expect :-)
    If you are not prepared to be disappointed then this is not the right business for you.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  6. #6
    Just burned his ISO
    Join Date
    Jan 2011
    Posts
    10

    Re: Need advice on a basic exploit of unpatched XPSP2 VM

    Quote: Originally Posted by Archangel-Amael
    If you are not prepared to be disappointed then this is not the right business for you.
    I think I'd better clarify my post.

    I meant to say that I was not someone who had gotten bored and thought I would post in the forum assuming someone would hold my hand and talk me through how to do it. That's what I didn't think would happen, nor what I wanted to happen.

    I was posting in the hope that someone may be able to point me in the right direction of something I had missed or overlooked.

    The setup I have is VirtualBox with an internal network hosting a BackTrack instance and a vanilla XP SP2 instance. I have added IIS with FTP and SNMP following the guidelines from Metasploit Unleashed. As I said previously, I've run /windows/smb/ms08_067_netapi against it with numerous payloads with no success. I've also run Nessus scans and attempted to use autopwn with no success. Does anyone have any ideas or advice on what I might have missed?

    thanks guys

  7. #7
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Re: Need advice on a basic exploit of unpatched XPSP2 VM

    @OBJBOX35 I think you skipped some important steps on the path of learning these things. You are trying to exploit an XP SP2 without knowing how exploits actually work or, more importantly, why some exploits don't work. Also, Metasploit Unleashed offers you a link to a Windows VM which is vulnerable to the exploits demonstrated there.
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  8. #8
    Moderator KMDave's Avatar
    Join Date
    Jan 2010
    Posts
    2,281

    Re: Need advice on a basic exploit of unpatched XPSP2 VM

    It would also be interesting to know your setup exactly, like how the network is configured (same subnet etc.).
    Tiocfaidh ár lá

  9. #9
    Just burned his ISO
    Join Date
    Jan 2011
    Posts
    10

    Re: Need advice on a basic exploit of unpatched XPSP2 VM

    Quote: Originally Posted by sickness
    @OBJBOX35 I think you skipped some important steps on the path of learning these things. You are trying to exploit an XP SP2 without knowing how exploits actually work or, more importantly, why some exploits don't work. Also, Metasploit Unleashed offers you a link to a Windows VM which is vulnerable to the exploits demonstrated there.
    I have configured that machine as Metasploit Unleashed has it. I've run the Nessus scans etc. and the machine is apparently vulnerable to this exploit.

    I am attempting to learn, but this seems to be the basic exploit for testing purposes on most sites.

  10. #10
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Re: Need advice on a basic exploit of unpatched XPSP2 VM

    Quote: Originally Posted by OBJBOX35
    I think I'd better clarify my post.

    I meant to say that I was not someone who had gotten bored and thought I would post in the forum assuming someone would hold my hand and talk me through how to do it. That's what I didn't think would happen, nor what I wanted to happen.

    I was posting in the hope that someone may be able to point me in the right direction of something I had missed or overlooked.

    The setup I have is VirtualBox with an internal network hosting a BackTrack instance and a vanilla XP SP2 instance. I have added IIS with FTP and SNMP following the guidelines from Metasploit Unleashed. As I said previously, I've run /windows/smb/ms08_067_netapi against it with numerous payloads with no success. I've also run Nessus scans and attempted to use autopwn with no success. Does anyone have any ideas or advice on what I might have missed?

    thanks guys
    You have been told by three people now that you should learn about how exploits work if you want to be able to troubleshoot this. One of those people even told you something specific you could do in order to gain this knowledge, and directed you to resources on the subject (hint: it was me).

    If you want to know what you are missing - you are missing the knowledge on how to troubleshoot this issue! Saying it again.... learn how exploits work!

    You say you don't want to be hand held, so prove it. Go learn what half the respondents here have told you you need to know. Once you understand how exploits work you will be much better placed to find out where the problem lies when you can't get an exploit framework like Metasploit to do what you want it to.