
Thread: Metasploit Framework 3 and Windows NT4

  1. #1
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    6

    Metasploit Framework 3 and Windows NT4

    I ran an autopwn on a Windows NT4 sp6a that hasn't been patched in years. To my big surprise not one session was created. How come Metasploit can't exploit such an old architecture? And how can it be done?

  2. #2
    Developer balding_parrot's Avatar
    Join Date
    May 2007
    Posts
    3,399

    Quote Originally Posted by ReveB
    I ran an autopwn on a Windows NT4 sp6a that hasn't been patched in years. To my big surprise not one session was created. How come Metasploit can't exploit such an old architecture? And how can it be done?
    Was the exploit patched in an earlier SP, was the exploit for some software you didn't even have installed, or the right version of? You see, without all the info, who can tell? It could be many things, of which I only listed a couple.

  3. #3
    Very good friend of the forum drgr33n's Avatar
    Join Date
    Jan 2010
    Location
    Dark side of the moon ...
    Posts
    699

    Just because you run an unpatched version of Windows doesn't mean it's vulnerable.

    Going back to balding's post: are you running any insecure software on the Windows system?

    Have you researched what is vulnerable on that system?

  4. #4
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    6

    There isn't a whole lot of software that runs on there. It's a PDC and that's about it. I just assumed that after all those years of non patching, cracking an NT would be cake...

    In my tests I did knock the box out after a while. Services were hanging and a reboot was needed. So yeah DoS'ing is not a problem. Taking the box is something else...

  5. #5
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    This is the reason for a real exploit and some some point and click h4x0r button.

  6. #6
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Quote Originally Posted by ReveB
    In my tests I did knock the box out after a while. Services were hanging and a reboot was needed. So yeah DoS'ing is not a problem. Taking the box is something else...
    If the box cannot perform its intended function then I would classify it as owned.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  7. #7
    Jenkem Addict imported_wyze's Avatar
    Join Date
    Jul 2007
    Posts
    1,543

    Quote Originally Posted by purehate
    This is the reason for a real exploit and some some point and click h4x0r button.
    Hence my reasoning for getting into rootkit dev
    dd if=/dev/swc666 of=/dev/wyze

  8. #8
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    6

    Quote Originally Posted by thorin
    If the box cannot perform its intended function then I would classify it as owned.
    True. However. I want the box out. Together with his BDC friend. Problem is the NT 4 domain is needed for an ancient SMS setup that is needed on a daily basis. So if I want to convince the management it has to go, DoS won't be good enough... If I could control the box however (without using my admin account) that would be more persuasive...

  9. #9
    Senior Member streaker69's Avatar
    Join Date
    Jan 2010
    Location
    Virginville, BlueBall, Bird In Hand, Intercourse, Paradise, PA
    Posts
    3,535

    Quote Originally Posted by ReveB
    True. However. I want the box out. Together with his BDC friend. Problem is the NT 4 domain is needed for an ancient SMS setup that is needed on a daily basis. So if I want to convince the management it has to go, DoS won't be good enough... If I could control the box however (without using my admin account) that would be more persuasive...
    I'm sure there are other methods to convince management that an antiquated box needs to go.

    Impending hardware failures are always a good excuse, incompatibility with new technology is also a good one.

    If the box is still running NT4, then chances are, the hard drive is going to fail, catastrophically, and then you have a chance to get a new pair of machines in, especially if the PDC goes first.
    A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

  10. #10
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    But of course he doesn't want to hear that because he wants us to spoonfeed him a hack so he can do something illegal.
