Page 4 of 4 FirstFirst ... 234
Results 31 to 37 of 37

Thread: autopwn w/ fast-track.py

  1. #31
    Just burned his ISO Irukandji's Avatar
    Join Date
    Feb 2010
    Location
    Wisconsin
    Posts
    12

    Default

    The taskbar changing colors could be from your attack. I noticed that when I ran autopwn against my xp box that the victim box got extremely slow, and sometimes very unstable. I think that this is due to the buffer overflow attacks that are being attempted against the vulnerabilities that were found with the initial nmap scan in autopwn.

    I don't know of any way to undo the fast-track update...maybe reinstall it...not sure.

    The meterpreter session is different than the command prompt. It has built in scripts that you can run through commands that make your life easier. I'd recommend becoming more familiar with meterpreter.

    Once you have an "msf>" prompt, type "sessions -l -i". This should show you all of the sessions that you have AND which exploit was used against the box. You can then open up Metasploit by itself and reuse the exploits that are listed here. Doing so will give you a session, which you can double click on to get a C: prompt.

    There may be an easier way to do this, but this way will work for getting a c: prompt.

    Correction.

    The command is "sessions -l -v", not "sessions -l -i"

    Sorry,

    Irukandji

  2. #32
    Junior Member
    Join Date
    Jan 2010
    Posts
    35

    Default

    Ah, I'm going to try that later today. But could it be that because I have updated fast-track, that now I get only meterpreter instead of a cmd shell?

    But I'll do sessions -l -v later and see. I will read up on meterpreter and metasploit in general.

  3. #33
    Just burned his ISO Irukandji's Avatar
    Join Date
    Feb 2010
    Location
    Wisconsin
    Posts
    12

    Default

    Additionally, you should be able to type "execute -f cmd.exe -c -H -i" to achieve the same thing. Although, I cannot take credit for this, I got it from hxxp://forums.remote-exploit.org/newbie-area/21910-pentesting-documentation.html

    I hope that helps.

  4. #34
    Junior Member
    Join Date
    Jan 2010
    Posts
    35

    Default

    Strange, when I am doing the fast-track attack, the target system is getting a shutdown message. This never happened before.

    I can't control it because it is a countdown.

  5. #35
    Just burned his ISO Irukandji's Avatar
    Join Date
    Feb 2010
    Location
    Wisconsin
    Posts
    12

    Default

    hmm, I wonder if the svchost process is getting terminated somehow. If so, that would explain why the system is getting a countdown reboot screen. There may be other reasons, but that is the most common one that I have seen in the past.

    I wish I had a bit more intuitive info for you here, but I don't.

  6. #36
    Junior Member
    Join Date
    Jan 2010
    Posts
    35

    Default

    I'm happy to say that your advice about the "execute -f cmd.exe -c -H -i" command worked!

    I've read somewhere on this forum someone said that if you can't find any exploits for the OS, then look at the running services... don't remember who said it but there was also some info on how to best determine which services are active on the target system..

  7. #37
    Just burned his ISO Irukandji's Avatar
    Join Date
    Feb 2010
    Location
    Wisconsin
    Posts
    12

    Default

    I'm glad to hear that it worked, but I'd still encourage you to learn the meterpreter shell inside and out. I think that it's WAY more powerful than just having a C: prompt, and automates a lot of simple tasks into a single command. Now that being said, there are still some things that I've found are easier to do in the C: prompt as well.

Page 4 of 4 FirstFirst ... 234

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •