Results 1 to 10 of 10

Thread: autopwn sessions not working

  1. #1
    Just burned his ISO
    Join Date
    Oct 2011
    Posts
    1

    Default autopwn sessions not working

    So i installed backtrack5, i wanted to see it's power so i setted up a windows 2003 server with some outdated services. I updated my backtrack and metasploit framework, and i setted up the mysql data base, after i was sucsessfully connected i did this:

    db_nmap 10.20.10.1 -O
    db_autopwn -e -x -p -t

    It found over 600 possible exploits. After it ran it all it did sessions and i had 46 sessions, so i thought i had rooted it.

    However the list contained; bsd, php, unix, osx and windows shells. I don't really get how i can have bsd shells on a windows box, but what ever. I tried them all with sessions -i [number] but they all said something like:
    "interacting with shell 3" and then it went inresponsive and i had no output at all.

    Whats happening here?

    tanks.

  2. #2
    Just burned his ISO
    Join Date
    Oct 2011
    Posts
    5

    Default Re: autopwn sessions not working

    Quote Originally Posted by T3rminator View Post
    So i installed backtrack5, i wanted to see it's power so i setted up a windows 2003 server with some outdated services. I updated my backtrack and metasploit framework, and i setted up the mysql data base, after i was sucsessfully connected i did this:

    db_nmap 10.20.10.1 -O
    db_autopwn -e -x -p -t

    It found over 600 possible exploits. After it ran it all it did sessions and i had 46 sessions, so i thought i had rooted it.

    However the list contained; bsd, php, unix, osx and windows shells. I don't really get how i can have bsd shells on a windows box, but what ever. I tried them all with sessions -i [number] but they all said something like:
    "interacting with shell 3" and then it went inresponsive and i had no output at all.

    Whats happening here?

    tanks.
    I have got the same issue... usually on port 21 (FTP) in manage to start a session to the victim, but when I interact with the shell, I can type whatever I want, but just get to see the $.
    I figured this was because I was stuck in the FTP chroot as user anonymous?

    Anyone?

  3. #3
    Just burned his ISO sasanet's Avatar
    Join Date
    Jun 2011
    Location
    EU
    Posts
    25

    Default Re: autopwn sessions not working

    stupid question:
    are u using iptables or some sort of firewall?
    if so flush them.

  4. #4
    Just burned his ISO
    Join Date
    Oct 2011
    Posts
    5

    Default Re: autopwn sessions not working

    Quote Originally Posted by sasanet View Post
    stupid question:
    are u using iptables or some sort of firewall?
    if so flush them.
    Firewall allows all outgoing traffic and denies incoming... I assume I don't need to put my backtrack system in the DMZ? Traffic would originate from my system and therefore open up the connection?

  5. #5
    Just burned his ISO bsmartt's Avatar
    Join Date
    Dec 2010
    Location
    /dev/null/
    Posts
    7

    Default Re: autopwn sessions not working

    Have you tried using metasploit to execute a single exploit manually against the target system or have you only tried to autopwn the target? db_autopwn is now deprecated (http://dev.metasploit.com/redmine/is...6#change-23031), and Rapid7's official answer to ANY questions about db_autopwn is "do not use db_autopwn". It's safe to say that any information autopwn tells you can no longer be trusted.

  6. #6
    Just burned his ISO theAud1t0r's Avatar
    Join Date
    Nov 2011
    Location
    Dark Side of the Moon
    Posts
    6

    Default Re: autopwn sessions not working

    Will they be implementing any alternate tools upon db_autopwn deprecation?

  7. #7
    Good friend of the forums scottm99's Avatar
    Join Date
    Feb 2010
    Location
    underwater
    Posts
    371

    Default Re: autopwn sessions not working

    I'd post that question on the metasploit mailing list...most of the dev team is on it (including HD Moore).
    If I could figure out how to scuba dive & hack at the same time, there would be nothing I couldn't do...

  8. #8
    Good friend of the forums zimmaro's Avatar
    Join Date
    Mar 2010
    Location
    milano
    Posts
    407

    Default Re: autopwn sessions not working

    hi,
    this is the same questions:
    http://www.backtrack-linux.org/forum...ad.php?t=46338
    regards zimmaro

  9. #9
    Just burned his ISO
    Join Date
    Jan 2010
    Posts
    1

    Default Re: autopwn sessions not working

    This really stinks that they're taking db_autopwn out of Metasploit. Is this a ploy to buy the professional version? I hope H.D. isn't losing his baby.

  10. #10
    Good friend of the forums scottm99's Avatar
    Join Date
    Feb 2010
    Location
    underwater
    Posts
    371

    Default Re: autopwn sessions not working

    The short story is that db_autopwn was not deemed stable and robust enough to stay in the framework. From all I've read (and I asked some guys at the Rapid7 booth at DerbyCon) they are committed to keeping MSF free & up-to-date. db_autopwn was always hit-or-miss with me...mostly miss

    As an aside, db_autopwn was removed from the svn trunk some time ago.
    Last edited by scottm99; 12-24-2011 at 07:25 PM. Reason: forgot something
    If I could figure out how to scuba dive & hack at the same time, there would be nothing I couldn't do...

Similar Threads

  1. No Sessions Created msfconsole db_autopwn
    By AlexDaGr8est in forum Beginners Forum
    Replies: 2
    Last Post: 01-03-2011, 11:27 AM
  2. Fast Track no sessions
    By kicker7734 in forum Beginners Forum
    Replies: 3
    Last Post: 02-10-2010, 10:29 AM
  3. fast-track, never has sessions
    By Mr.Happy in forum Beginners Forum
    Replies: 2
    Last Post: 02-09-2010, 11:33 PM
  4. Fast Track Meterpreter sessions
    By Marcinko in forum Beginners Forum
    Replies: 0
    Last Post: 01-30-2010, 06:52 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •