Results 1 to 5 of 5

Thread: 135/tcp port?

  1. #1
    Just burned his ISO
    Join Date
    Jan 2008
    Posts
    6

    Default 135/tcp port?

    okay I am on Metasploit 2.3 web interface and I used the MSRPC DCOM exploit because I know for a fact that my computer has a 135/tcp port open. I picked the payload Windows32reverce, vncinject and when i ran the exploit I got this
    [*] Starting Reverse Handler.[*] Sending request...[*] RPC server responded with:[*] RESPONSE: response[*] STUB DATA = \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x 00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x 00\x00\x00\x05\x00\x01\x00\x04\x00\x08\x80\x01\x00 \x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x 00\x00\x00\x00\x00\x00[*] This probably means that the system is patched[*] Exiting Reverse Handler.

    I ran nmap and it does show that port open. Just wanted to know why this. Why would it be showing up in nmap as being opened?

  2. #2
    Member
    Join Date
    Dec 2007
    Location
    @InterN0T
    Posts
    315

    Default

    It means the remote target is listening on port 135.

    Though having a port open doesn't allways mean that service is "hackable".
    Neither does it mean it has to be what it usually is, but on windows 135 is allmost
    allways service 135 (some netbios thing i don't use xD)
    [quote][I]I realized, that I had fallen down from the top of the mountain into a deep, terrifying and dark hole, just to find out that another mountain in front of me, much greater than the previous, was the next step in life. I began to wander uphill on the next mountain of life while I knew it would be much harder than the previous mountain. [/I]- MaXe[/quote]

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,124

    Default

    Quote Originally Posted by LLO6969 View Post
    okay I am on Metasploit 2.3 web interface and I used the MSRPC DCOM exploit because I know for a fact that my computer has a 135/tcp port open. I picked the payload Windows32reverce, vncinject and when i ran the exploit I got this
    [*] Starting Reverse Handler.[*] Sending request...[*] RPC server responded with:[*] RESPONSE: response[*] STUB DATA = \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x 00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00 \x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x 00\x00\x00\x05\x00\x01\x00\x04\x00\x08\x80\x01\x00 \x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x 00\x00\x00\x00\x00\x00[*] This probably means that the system is patched[*] Exiting Reverse Handler.

    I ran nmap and it does show that port open. Just wanted to know why this. Why would it be showing up in nmap as being opened?
    First of all 2.3 is not even supported any more. Second of all this is a back track forum and if you are using 2.3 you are not using a current version of backtrack. And third just because the port is open does not mean a vulnerability exists.

  4. #4
    Just burned his ISO
    Join Date
    Jan 2008
    Posts
    6

    Default

    Okay the reason I wasn't using Metasploit 3.0 web interface is because it is running extra slow for some reason. 2.3 on the other hand using the web interface was running smoothly. Oh yea and I do have a firewall up on my computer which is why I couldn't get through. So is it hard to get through if somebody wanted to?

  5. #5
    My life is this forum thorin's Avatar
    Join Date
    Jan 2010
    Posts
    2,629

    Default

    That would depend on the motivation and resources of the "attacker" personally I highly doubt you have anything on your computer that anyone is going to waste more than a casual amount of time on.
    I'm a compulsive post editor, you might wanna wait until my post has been online for 5-10 mins before quoting it as it will likely change.

    I know I seem harsh in some of my replies. SORRY! But if you're doing something illegal or posting something that seems to be obvious BS I'm going to call you on it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •