Wow, that video rocks man! I can't wait to play with that script here, we just set up a Windows machine last night too. Who made the music track? Sounds like Infected Mushroom. Awesome ^_^
Updated to latest version, I have posted there. Thanks for the advice, sorry for any inconvenience guys.
It is Infected Mushroom.
THAT is awesome, all your vids on that site are great man
Nice video, I have a problem with autopwn: it freezes in the middle of the process, especially when it tries to crack Apache server or IIS overflow exploits.
Hi,
I've read a few posts/threads here & proved myself right, this cannot be done on a fully patched XP box, right? I've experienced most of the 'issues' other members are having, it will either hang, or just scan my IP address & then give me
msf>
I type sessions -l & get nothing, so my question is, will there be a way around this in a later version of BT3?
My 2nd question is, I've also tried using the meterpreter attack, I watched a few different videos by members, think the 1st one I saw was by pureh@te, good video & looks like a very powerful tool, but again I had no success using this, is it because I am trying to attack my fully patched XP box? Obviously it's patched because I want to see how good the tools are in BT, I don't want to have to reinstall XP with no SP just to prove it works, surely there's another way around it?
I hear you asking, what commands am I typing & where am I going wrong, well I'll show you
nmap -sV 192.168.1.10
returns back 139, 445 open. In a new shell I open fasttrack, then option 2, then 3, then type my target IP address, this returns back saying nmap done in 20 seconds, & I'm left with
msf >
So I take it my target is safe & cannot be compromised?
Please say NO & tell me there is a way around this
Many thanks
A fully patched XP box is a little harder to compromise, however not impossible. To be honest I am one of those people with a pesky set of morals and values that deter me from posting step by step instructions on working exploits. The point of working on older boxes is so when you do have a need or a chance to use meterpreter in a pen-test situation you will know WTF you are doing.
For example: Certain airlines use their own codes and instructions for their computer networks that handle ticketing and other tasks. Now suppose you want to "hack" them and get a couple of free tickets to Hawaii. So you gain entry to the system, and you get in there and you can't even change directories because you put the cart before the horse and forgot to learn the system commands.
In any case, most of the time systems are compromised by running a vulnerable service that has not been patched. Microsoft has enough money to patch most vulnerabilities before a public exploit is released (not always though).
Exploitation is hard work and the wet dream of having a Point-and-Click, No brain needed exploitation platform has only manifested itself in one software so far and that is Core-Impact. For 3,000 dollars a month you can own a license to it and it will do all the work for you.
I had the same problem as acid burn on my fully updated XP box. I wanted to get it exploited without having to have a really out of date msos, however I would go as far as opening some ports on my XP box, so I open up port 135 (can't quite remember), 1025, 1026 and 5000 because I saw a few videos and thought maybe fast track had a unique exploit for some of those open ports. I have the fully updated metasploit 3, fasttrack, installed pexpect and sqlite3, and I have not had any luck even after opening some more ports. I know for a fact that the ports are open on my XP box (even turned off firewalls like avast and windows firewall), however maybe it seems like the ports may not be the only issue, I saw from purehate's post. But if I were to make a service, have it operate on an open port and somehow make that service spawn a shell that I could use to gain access with back track, then I would be able to gain access to my XP box, am I right in thinking so?
I've not had the chance to try this either as of yet but I will get around to it, however using a different method. I have done & exploited MY fully patched XP system as per the video I have shared, however I will agree with pureh@te
I have not used meterpreter before, I am currently reading up on some stuff to try to get my head around this before I attempt it, maybe somebody else can confirm if they HAVE used it on a fully patched XP system?