Thread: Metasploit and firewalls

  1. #1
    Just burned his ISO
    Join Date
    May 2010
    Posts
    7

    Metasploit and firewalls

    Hi all. I love Metasploit, it is a great tool, but I always have the same problem.
    I make problems on my wifi network with my 2 PCs: 1 as the attacker, the other one as the attacked.
    I uninstall service packs and try to get meterpreter, but I always have the same problem: the firewall. The XP firewall protects the system from Metasploit attacks, and I don't know how to solve it. If I disable the firewall, all is OK, but if I don't disable it, Metasploit doesn't work.
    Any idea how to disable the firewall remotely?

  2. #2
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Re: Metasploit and firewalls

    Moved here from the Tools Request forum.

    Some options to achieve your goal:
    • Use a payload that disables the Windows Firewall as part of its initial code execution. I'm not aware of an existing payload that does this in Metasploit, so you would probably need to write the shellcode yourself.
    • Use a payload that can work through a firewall. Something like this perhaps. Or maybe one of the reverse_http payloads. Whether these will work depends on the allowed ruleset in place on the firewall.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  3. #3
    Administrator sickness's Avatar
    Join Date
    Jan 2010
    Location
    Behind the screen.
    Posts
    2,921

    Re: Metasploit and firewalls

    Well, you could go and give us some details about the exploit you are using, the Windows version, and what exactly you are trying to achieve.
    Metasploit is a very complex tool ...
    Back|track giving machine guns to monkeys since 2007 !

    Do not read the Wiki, most your questions will not be answered there !
    Do not take a look at the: Forum Rules !

  4. #4
    Just burned his ISO
    Join Date
    Feb 2006
    Posts
    24

    Re: Metasploit and firewalls

    The problem you are probably running into is that your system is fresh. This means that none of the services like File and Print sharing are turned on. As soon as they are turned on, the Windows Firewall automatically lets anyone connect to that machine. Now, in Vista and Win7 this has changed a bit with the idea of Public and Private networking, but not much.

    Try making sure whatever you are trying to exploit is remotely accessible because most likely that is the actual way a system will be set up.
    Mubix
    CERT / Hacker / Security Enthusiast

  5. #5
    Just burned his ISO
    Join Date
    May 2010
    Posts
    7

    Re: Metasploit and firewalls

    Thx Lupin and sickness for the answer. Well,

    the firewall is the typical firewall of Windows XP SP2. I don't know if Metasploit has a payload to bypass it or not, or maybe I need to shut down the firewall? But how, remotely?

    Yesterday I tried ms_08_067_netapi with several payloads: Vncinject, reverse_tcp, bind, etc., but with the firewall enabled it doesn't work.

    Is being on the same LAN better than outside? I tried on the LAN, but Metasploit with the firewall enabled doesn't work. Maybe I could use something similar to the netsh firewall console remotely, or not?

    Sorry about my questions, I started with Metasploit just a few days ago.

  6. #6
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010
    Posts
    2,943

    Re: Metasploit and firewalls

    Originally posted by xxxhack2010:
    "I don't know if Metasploit has a payload to bypass it or not, or maybe I need to shut down the firewall? But how, remotely?"
    Since you apparently missed the fact that I already gave you an answer to this point, I'm going to suggest you spend more time with Metasploit, and more time reading about how firewalls work. Try the Metasploit Unleashed course.

  7. #7
    Just burned his ISO
    Join Date
    Feb 2010
    Posts
    6

    Re: Metasploit and firewalls

    When exploiting a system, you have to make sure that it's exploitable. I've read a lot of forums on using Metasploit, and I've been noticing that a lot of people are using exploits without knowing if the system has been patched, or if that system is vulnerable to that specific attack. What I would do, or what I usually do, is run a scan on the system and see what vulnerability it has. Once the vulnerability is found, I would use that info to exploit the system. You may want to look into using a port scanner. It's a good method to get info on a remote system that you're trying to attack.
