November 29, 2011 at 5:54 am #7087
acidicloop
Participant
Hello y'all, I am new here to the forums and I have a quick question preceded by a little background. I am CEH certified and I do teach for a tech boot camp company, so I have some background in this. I set up my labs in VirtualBox as BackTrack 5 and Win XP Service Pack 2. Now when I first started learning Metasploit I started with what everyone seems to start with, the old ms08_067_netapi one. This used to work fine back in BackTrack 4 and I would pop the XP box every time. Now I get an error, connection refused by remote host, then it lists my BackTrack IP with a port number of 445. It says exploit completed but no session was created. Does this exploit no longer work in BackTrack 5? I know the meterpreter session and reverse TCP is good to go because I just create the trojan now using msfpayload and do it that way. I noticed that Armitage doesn't work for me anymore, no exploits work. It runs but doesn't do any exploits, as in it never gives me the attack menu after I scan for exploits by vulnerability. Just curious if anyone else is having this problem, thanks.
-
November 29, 2011 at 6:31 am #44002
acidicloop
Participant
Never mind, I am a moron today. I messed up the rhost and the lhost, had them reversed.
-
November 29, 2011 at 8:41 am #44003
hurtl0cker
Participant
Well, when I started out with Metasploit I had the same problem while using ms08-067 against Windows XP SP2. The possible reason is that the victim machine is no longer vulnerable (a patch has been installed), or there is a firewall enabled on the XP machine, or there is a problem with the IP to connect back.
In my case the XP machine had the patch installed and also the firewall enabled. I used some client-side attack using SET to exploit the same XP machine and open a meterpreter session. The failure to create a session has nothing much to do with BT5, it’s about what your target machine is.
-
November 29, 2011 at 11:12 am #44004
nytfox
Participant
If it's vulnerable it should work :/ You will get no session if the packets got dropped in the middle of the exploit, the machine is patched, or firewalls, or it couldn't find the correct IP to reverse back.
-
November 29, 2011 at 11:21 am #44005
cyberman
Participant
I think the exploit is right and working properly. Did you check your VirtualBox networking settings? Can you ping other VMs? VirtualBox has a virtual DHCP that assigns IP addresses to VMs automatically. You must go to the virtual machine settings, and in devices select the network option and set the network card to host-only adapter. It's better to disable the DHCP server in edit preferences and set static IP addresses 😉
-
November 29, 2011 at 1:13 pm #44006
j0rDy
Participant
@acidicloop wrote:
Never mind, I am a moron today. I messed up the rhost and the lhost, had them reversed.
lol! classic mistake, especially after several hours of continuously hacking 8) even happens to the best, good luck with it!
-
November 29, 2011 at 3:51 pm #44007
acidicloop
Participant
Thanks y'all, yeah I messed it up. I purposely don't have it patched or the firewall on because I do these things as labs when I teach Security+ classes. Thanks for the input.
-
November 29, 2011 at 3:57 pm #44008
rsmudge
Participant
Armitage still works and is still maintained (32 releases in the past year — I’m on it). Make sure you’re using the version that ships with Metasploit.
One note though, its dependencies have changed recently. If you use msfupdate, Armitage will no longer work with BackTrack 4 or BackTrack 5. BackTrack 5r1 is OK though. This is because the original msf install in BT4/5 does not include libraries that Armitage requires (msgpack, Java crypto extensions, etc.)
If you use a modern version of Armitage, it will open a tab and use the Metasploit console to launch exploits. At least you get feedback this way.
I have a Windows XP SP2 target that I use for demonstrations too. Sometimes it becomes unstable and I find I have to revert it to a previous snapshot to exploit it again.
-
November 29, 2011 at 4:17 pm #44009
acidicloop
Participant
Same here. Yes, I've done the latest msfupdate but I have the most recent BT5, so I'm curious.