Results 1 to 9 of 9

Thread: Metasploit - My first noob question

  1. #1
    Junior Member Kungen's Avatar
    Join Date
    Feb 2010
    Posts
    81

    Default Metasploit - My first noob question

    Well the question is simple and wont surprise me if it has a really easy answer.

    When i try the smb_relay that is used in the b3teaser movie it only says:

    Exploit Failed: Connection timed out X.X.X.X:444

    When i try to attack my computer that have Windows Xp and No firewall/Antivirus.

    Im using a router: DGL-4300

    Can somebody answer this question?

    Reegards,

  2. #2
    Member
    Join Date
    Dec 2007
    Location
    @InterN0T
    Posts
    315

    Default

    Did you remember to set the SRVHOST & LHOST up correct?
    [quote][I]I realized, that I had fallen down from the top of the mountain into a deep, terrifying and dark hole, just to find out that another mountain in front of me, much greater than the previous, was the next step in life. I began to wander uphill on the next mountain of life while I knew it would be much harder than the previous mountain. [/I]- MaXe[/quote]

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Quote Originally Posted by Zacay View Post
    Well the question is simple and wont surprise me if it has a really easy answer.

    When i try the smb_relay that is used in the b3teaser movie it only says:

    Exploit Failed: Connection timed out X.X.X.X:444

    When i try to attack my computer that have Windows Xp and No firewall/Antivirus.

    Im using a router: DGL-4300

    Can somebody answer this question?

    Reegards,
    If the xp is updated fully then that exploit has been patched.

  4. #4
    Junior Member Kungen's Avatar
    Join Date
    Feb 2010
    Posts
    81

    Default

    Quote Originally Posted by pureh@te View Post
    If the xp is updated fully then that exploit has been patched.
    Well okey thanks, i think i understand

    But do you have any tips of an exploit that is kinda new and has not been patched?

    Reegards

  5. #5
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Just for general info to people wondering about exploits. For the most part by the time a exploit reaches metasploit it is most likely been updated. The exploits in metasploit are more for proof of concept. The real power of metasploit is its framework and available payloads for developing your own exploit when a vulnerability is found. The exploits at milw0rm generally work for a day to a few weeks if you are looking for something more recent. 0 day exploits are generally released in private first and then in public after the vendor has been notified of the bug. At that point its up to the vendor how long the bug remains unpatched.

  6. #6
    Junior Member Kungen's Avatar
    Join Date
    Feb 2010
    Posts
    81

    Default

    Quote Originally Posted by MaXe Legend View Post
    Did you remember to set the SRVHOST & LHOST up correct?
    I think so

    But was if correct for you?

  7. #7
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Quote Originally Posted by Zacay View Post
    I think so

    But was if correct for you?
    So you didn't set them, you left them at default and hoped they were correct?
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

  8. #8
    Member
    Join Date
    Dec 2007
    Location
    @InterN0T
    Posts
    315

    Default

    If he just setted them default then it would not have worked as he has to either set
    himself to run f.ex. as a malicious host sending the exploit OR he has to set the target
    he wish to exploit.

    In both cases we're speaking about real ip's and not lan ip's if it's on the real internet
    we're discussing about. Correct me if i'm wrong ^^
    [quote][I]I realized, that I had fallen down from the top of the mountain into a deep, terrifying and dark hole, just to find out that another mountain in front of me, much greater than the previous, was the next step in life. I began to wander uphill on the next mountain of life while I knew it would be much harder than the previous mountain. [/I]- MaXe[/quote]

  9. #9
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    Quote Originally Posted by MaXe Legend View Post
    If he just setted them default then it would not have worked
    I'm not convinced it did work, that's why I asked the question the way I asked it.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •