Results 1 to 4 of 4

Thread: Exploit Failed: Could not bind to....?

  1. #1
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    24

    Default Exploit Failed: Could not bind to....?

    Hello all. I was doing some pen testing the other day on my computer that I leave at my cousins house and im trying to get into it. (I'm trying to penetrate from the outside in).

    I nmap'd the IP a few times and found two open ports.

    The two ports I found (and the Syntax I used) open were...
    Code:
    root@desktop:~# nmap -sS -P0 -O xx.xxx.xxx.xxx
    
    Starting Nmap 4.20 ( ://insecure.org ) at 2007-12-08 15:47 CST
    Interesting ports on xx-xxx-xxx-xxx. (xx.xxx.xxx.xxx):
    Not shown: 1688 closed ports
    PORT     STATE    SERVICE
    25/tcp   filtered smtp
    135/tcp  filtered msrpc
    136/tcp  filtered profile
    137/tcp  filtered netbios-ns
    138/tcp  filtered netbios-dgm
    139/tcp  filtered netbios-ssn
    445/tcp  filtered microsoft-ds
    1027/tcp open     IIS
    5000/tcp open     UPnP
    I found 1027 and 5000 were open. But about an hour later and I used the same Syntax and found this....
    Code:
    root@desktop:~# nmap -sS -P0 -O xx.xxx.xxx.xxx
    
    Starting Nmap 4.20 ( ://insecure.org ) at 2007-12-08 15:47 CST
    Interesting ports on xx-xxx-xxx-xxx. (xx.xxx.xxx.xxx):
    Not shown: 1688 closed ports
    PORT     STATE    SERVICE
    25/tcp   filtered smtp
    135/tcp  filtered msrpc
    136/tcp  filtered profile
    137/tcp  filtered netbios-ns
    138/tcp  filtered netbios-dgm
    139/tcp  filtered netbios-ssn
    445/tcp  filtered microsoft-ds
    1027/tcp open     msrpc
    5000/tcp open     UPnP
    Does anyone have any idea why 1027 went from IIS to msrpc? This is throwing me off.

    The computer's OS is Windows XP with no service packs installed and isn't behind a router.

    I loaded up the Metasploit 3.0 framework and loaded the ms03_026_dcom exploit and ran a reverse shell payload ( windows/shell/reverse_tcp ).

    When I get all of the options set I give the green light to exploit and here is what I get...
    Code:
    msf exploit(ms03_026_dcom) > exploit[*] Started reverse handler[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...[*] Binding to ip_tcp:xx.xxx.xxx.xxx[1027] ...
    [-] Exploit failed: Could not bind to ip_tcp:xx.xxx.xxx.xxx[1027]
    msf exploit(ms03_026_dcom) >
    As you can see all goes well up till "Exploit failed: Could not bind to ...."

    Can someone tell me exactly what this means? Thanks

  2. #2
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    1) Your two (supposedly) different nmaps have the same timestamp.
    2) http://www.metasploit.com/archive/fr.../msg01160.html
    3) You're violating sbcgobal.net's usage policy(ies):
    http://sbc.yahoo.com/terms
    http://www.sbcglobal.net/help/legal/...ement.html#use
    http://www.sbcglobal.net/help/legal/...ml#termination
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  3. #3
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    24

    Default

    Quote Originally Posted by thorin View Post
    1) Your two (supposedly) different nmaps have the same timestamp.
    1) I forgot to copy the timestamp portion (my bad).

    2) I made a mistake about the port number. The port was actually 1025 for IIS so that probably means the syntax I used was different.


    Quote Originally Posted by thorin View Post
    1)
    You're violating sbcgobal.net's usage policy(ies):
    How am I violating their terms of service policy(ies)? Do they not allow security testing on your own machine?

  4. #4
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    How am I violating their terms of service policy(ies)? Do they not allow security testing on your own machine?
    No they do not.
    For starters check section 9 of the first TOS link, items #1, 4, 8, 9, 10, 11, and 13 etc.

    It might be your machine but it's their network.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •