Are you sure your target is MS08-067 vulnerable?   Any chance it was patched?

I do believe that SP3 is vulnerable by default. 

http://www.microsoft.com/technet/security/bulletin/ms08-067.mspx

Yes, you can exploit port 445 on an XP SP3 machine.  Bug, why are you just randomly sanding exploits against this machine?  Why not identify the vulnerability first?   Coincidentally, I find that the MS08-067 is the one most common false positives.

@rebrov -

Glad to see you're still hanging around, and learning!

That list shows open ports, and generically defined services.  Your next steps should be connecting to those ports, and banner grabbing / researching, to see what service versions, etc, are reported as running on those ports, then follow up with searches for vulnerabilities existing on those versions and services.


thanks for info i will try telnet or netcat for banner grabbing
For instance, you might find that some other service is actually using that port, and it's not really Microsoft ds on there, at all.  Conversely, you could be hitting a honeypot (if this were a real-life pentest,) where that port isn't really even running the exploitable service, but responds to queries as if it was.  You need to adequately try to determine what's running, not just gather a basic list of responding ports, and start attacking.   

These are very tried and true principles for pentesting, and you need to do some digging on them, rather than just throwing a list of nmap reported open ports to the list.  We're here to help, and to answer educated questions, not to lead you through every step.  (No offense intended, just recommending you spend more time on this than simply a base nmap scan, followed by, "why doesn't an exploit work on 445?")

I understand that you're running a tool, like Metasploit, to perform these tests, but sometimes, you need to have a clearer understanding of the target system and it's services, before just throwing Metasploit and other tools at it, in the hopes that generically defined exploits will 'just work' as you'd like / expect them to.

Good luck, and as you continue, let us know what more you find.

Sounds good.  Keep us posted.

NetBIOS is a binary protocol.   You can run the following nmap command to check for a few vulnerabilities.   There are also any number of scanners that will identify NetBios vulnerabilities.