Try using the ms08-067_netapi exploit. Turn off firewall on the RHOST

 ms08-067_netapi

i tried this exploit at network but it work at some pc's and others not why

it appear this when i tried to exploit some of them

at port 445

Exploit completed, but no session was created

I am having trouble understanding you. This should be your computer, not someone elses. You ought be able to turn off the firewall on your test computer.

Re-install XP on a computer, turn off the firewall, and try out the exploit I mentioned.

Same here.


Exactly. As you have stressed often enough that he is your friend and that you have permission, it shouldn't be a problem, right?

rebrov,

awesec was trying to determine if you have permission to access your 'friends' computer.


Can't speak for all the worlds hackers, but most people I know, when trying to learn security or test a particular exploit, use some form of lab (either spare machines or virtual guests), and this allows you to modify security settings to suite the exploit you're testing. There has been plenty of discussion of this in the EH forum so I'd suggest reading back through some of the older posts.

I would definitely advise against trying to compromise a 'friends' machine for learning purposes, and you should only target machines that you have permission for. Exploits can be picky at the best of times, but especially so if you're not fully aware of how to use it. I'm guessing you might lose a few friends if you mess up and destroy their machine.

Hope that clears some things up and points you in the right direction.

Thanks for the plug awesec.   

rebrov, ms08_67_netapi isn't 0-day, there is a patch for it.  If your friend has kept his machine up to date, it won't work.  Andrew is right, if you truly are just trying to learn, don't blow up your friends machine in the process.  Set up a VM lab to test your skills.  Check out the article awesec linked.  There are plenty of free, pre-built vulnerable targets.  If you have an extra copy of XP sitting around, you can load that into a VM and take a snapshot of it.  It gives you the ability to blow it up all you want without causing any real damage or data loss.  I can't speak for your friends, but if a friend of mine blew up my machine, there'd be hell to pay... Office space style.

thanks first as i said up and down i have access on their machines and thanks bro for the video i will learn more

and can i use metasploit for WAN pc's ?? like if i want to test my pc at home from another pc at my friend home can it be ?