playing around with Metasploit I've come to realize that the Microsoft RPC DCOM-->Win32_reverse doesn't work on a patch winxp sp2 machine....has any body tryied any good exploit from Metasploite specially RPC on a sp2 machine?
thanks in advance...
Try doing some recon first to establish what you should be testing before wasting your time.
Just drop it in the appropriate directory.after searchin the tuts area...found some on how to use metasploit, I know how to launch an attach using metasploit what I didn't find was how to get new exploit in .pl or .C to work with metasploit if possible....ofcourse without using the -u /update option in metasploit,, don't know if this is possible.
You can also specify the path to a specific exploit via the commandline, I don't remember the details off the top of my head but I know I've done it before. Try google'ing "metasploit commandline" or "meterpreter commandline" or something logical like that.
I swear this is the last time I'm going to type this out. If you are to inept to use the search fuction you have no business using a exploit that could potentially damage a machine.
to compile a C exploit
you must be in the directory for it to work
the c compiler included in bt is called gcc. so if our exploit is 336. I'm making this of the top of my head because I'm working on the road and I'm on my phone.any way...
gcc -c 336.c
gcc 336.o -o 336
this will end you up with a .exe file in the same directory. now WITHOUT leaving the directory simply type 336 and the exploit will run. now here is the important note. about half the milworm exploits will not run because they have errors in the file. I belive the coders do this so script kiddies have to do some real coding to work through the errors.so if you find a exploit that has error I will help you work through it in the hopes that if we post our errors and our progress it will help others.
well Im doint this against vmware machines I have......and I'm doing it for learning proposes, I wanted to ask this method you just explain works the same with .pl files......and I notice that in the security focus website once you find an exploit the code would be generated for you at least that's what happened to me with a given perl exploit......I guess in that case you just copy and paste the .pl program to the metasploit directory and run the program from there.....
please correct me if I'm wrong
thanks in advance
also I notice that most of the exploits in the /pentest/framework3 or 2 have the .rb extension I'm assuming is for ruby....once I have selected a source code for a new exploit and compile should I drop it on the framework3 directory? and where b/c in that directory there are two files that seem to have exploits in them the /exploits and the /modules directory they both contain .rb files or it doesn't matter......
any input appreciated