This tutorial didn't work for me. I've tried it on at least 10 different PCs. sessions -l never lists any sessions. Any ideas??? I do update my metasploit each time.
Purehate: you say @Once fast track is closed I personally don't know how to save the session so what I do is scroll back through the logs @
where are the logs.... [I cant find it nor info on it anywgere]
This tutorial didn't work for me. I've tried it on at least 10 different PCs. sessions -l never lists any sessions. Any ideas??? I do update my metasploit each time.
Pffffffffffff...........maybe your PCs are not vulnerableOriginally Posted by shady
Don't eat yellow snow :rolleyes:
Try Windows 2000?
I've got a old Win 2000 laptop i keep just for TFPT practice and the like, and autopwn has worked first time every time against it
Trying to replicate it manually but i'm missing something because I can't do it normally using MSF.
The laptop is fully patched (i cross my fingers every time it auto-updates, and autopwn keeps working!) and its a genuine OS. Nessus still shows it to have 11 serious problems.....
TT
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning.
The machines I've been running metasploit against are Vista computers on the network. Anybody had success with them or just older versions of windows?
Mate this is POC stuff, you need to research more.
I'm with you KK, where can I find the logs for metasploit?
By the way the tute works a treat thanks pureh@techeers.
I feel sorry for them - those who take authority as the truth and not truth as the authority -- Zeitgeist
Hi,
First off I'll admit I'm a total noob here. I've been in the network field for several years, and am attempting to learn pen testing. I have a server running VMware Server with plenty of RAM for a test environment.
I've updated Fasttrack, and ran it on several machines and couldn't get a session.
Next, I fired up a DVL (damn vulnerable Linux), no session still. I admit I don't know much about DVL, and am sure it was because I didn't have any services up.
I then installed a fresh copy of XP (no SP, no updates, first build version ever directly from the MSDN site 8-25-05 version). I still can't get a session.
What am I doing wrong here?
Thanks
OK, I found the issue. I was simply too impatient. After waiting for a while it did open up a session on the fresh XP box.
I'll try some more boxes now, and document my results.
Yesterday I have tried metasploit autopwn against my XP pro (no SP's) and Server2003 (also, no updates). And it worked. But, after I have updated fast-track/metasploit (and other tools too), I couldn't get it working again!
Every time I try to get a cmd session on the above mentioned Windows boxes, I don´t get any.. that´s after I updated metasploit.
Are you, or enyone else, familiar with this issue?
BTW, I'm running BT3 final. Sorry if this is the wrong section for BT3.
I am not having this issue at all. I've only used Metasploit after upgrading it to the latest version with all of the updates. I was able to get two open sessions on a vanilla default install of XP every time. I was not able to get any sessions on a Server 2003 box, but that was R2 with all of the updates. This Wednesday I'll try to do a reverse shell session by executing the shell from the Server 2003 box and see what happens.
I am surprised that it didn't work for you after you updated Metasploit. Did you try rebooting the victim Windows boxes between attempts?
Yes. Neither the XP pro and 2003 are working anymore. I have multiple OS install in my victim machine. Before I updated fast-track it worked fine. Also, when I did the attack, I noticed the blue taskbar on XP pro suddenly changed to the standard gray.. don't know if that's because of my attack..
Is there a way to undo the update?
EDIT:
Ok, I've tried it again, but now I got a meterpreter session.. I tried 'ipconfig' and it displays the IP information of the victim PC so I'm in the victim PC but I want a cmd shell, not a meterpreter. Why am I getting a meterpreter session instead of cmd sessions? And what is the difference?
Posting Permissions
