I ran an autopwn on a Windows NT4 SP6a that hasn't been patched in years. To my big surprise, not one session was created. How come Metasploit can't exploit such an old architecture? And how can it be done?
Just because you run an unpatched version of Windows doesn't mean it's vulnerable.
Going back to balding's post: are you running any insecure software on the Windows system?
Have you researched what is vulnerable on that system?
There isn't a whole lot of software that runs on there. It's a PDC and that's about it. I just assumed that after all those years of non patching, cracking an NT would be cake...
In my tests I did knock the box out after a while. Services were hanging and a reboot was needed. So yeah DoS'ing is not a problem. Taking the box is something else...
This is the reason for a real exploit and some point and click h4x0r button.
I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.
I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.
Impending hardware failures are always a good excuse, incompatibility with new technology is also a good one.
If the box is still running NT4, then chances are the hard drive is going to fail, catastrophically, and then you have a chance to get a new pair of machines in, especially if the PDC goes first.
A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.
But of course he doesn't want to hear that because he wants us to spoonfeed him a hack so he can do something illegal.