need help with metasploit

    • #7087
      acidicloop
      Participant

      Hello y'all, I am new here to the forums and I have a quick question preceded by a little background. I am CEH certified and I do teach for a tech boot camp company, so I have some background in this. I set up my labs in VirtualBox as BackTrack 5 and Win XP Service Pack 2. Now when I first started learning Metasploit I started with what everyone seems to start with, the old ms08_067_netapi one. This used to work fine back in BackTrack 4 and I would pop the XP box every time. Now I get an error, connection refused by remote host, then it lists my BackTrack IP with a port number of 445. It says exploit completed but no session was created. Does this exploit no longer work in BackTrack 5? I know the meterpreter session and reverse tcp is good to go because I just create the trojan now using msfpayload and do it that way. I noticed that Armitage doesn't work for me anymore, no exploits work. It runs but doesn't do any exploits, as in it never gives me the attack menu after I scan for exploits by vulnerability. Just curious if anyone else is having this problem, thanks.

    • #44002
      acidicloop
      Participant

      never mind, I am a moron today. I messed up the rhost and the lhost, had them reversed.

    • #44003
      hurtl0cker
      Participant

      Well, when I started out with Metasploit I had the same problem while using ms08-067 against Windows XP SP2. The possible reason is that the victim machine is no longer vulnerable (the patch has been installed), or there is a firewall enabled on the XP machine, or there is a problem with the IP to connect back.
      In my case the XP machine had the patch installed and also the firewall enabled. I used a client-side attack using SET to exploit the same XP machine and open a meterpreter session. The failure to create a session has nothing much to do with BT5, it's about what your target machine is.

    • #44004
      nytfox
      Participant

      If it's vulnerable it should work :/ You will get no session if the packets got dropped in the middle of the exploit, the machine is patched or firewalled, or it couldn't find the correct IP to reverse back to.

    • #44005
      cyberman
      Participant

      I think the exploit is right and working properly. Did you check your VirtualBox networking settings? Can you ping other VMs? VirtualBox has a virtual DHCP that assigns IP addresses to VMs automatically. You must go to the virtual machine settings, and in devices select the network option and set the network card to host-only adapter. It's better to disable the DHCP server in edit preferences and set static IP addresses 😉

    • #44006
      j0rDy
      Participant

      @acidicloop wrote:

      never mind, I am a moron today. I messed up the rhost and the lhost, had them reversed.

      lol! classic mistake, especially after several hours of continuously hacking 8) even happens to the best, good luck with it!

    • #44007
      acidicloop
      Participant

      Thanks y'all, yeah I messed it up. I purposely don't have it patched or have the firewall on because I do these things as labs when I teach Security + classes. Thanks for the input.

    • #44008
      rsmudge
      Participant

      Armitage still works and is still maintained (32 releases in the past year — I’m on it). Make sure you’re using the version that ships with Metasploit.

      One note though, its dependencies have changed recently. If you use msfupdate, Armitage will no longer work with BackTrack 4 or BackTrack 5. BackTrack 5r1 is OK though. This is because the original msf install in BT4/5 does not include libraries that Armitage requires (msgpack, Java crypto extensions, etc.)

      If you use a modern version of Armitage, it will open a tab and use the Metasploit console to launch exploits. At least you get feedback this way.

      I have a Windows XP SP2 target that I use for demonstrations too. Sometimes it becomes unstable and I find I have to revert it to a previous snapshot to exploit it again.

    • #44009
      acidicloop
      Participant

      Same here. Yes, I've done the latest msfupdate but I have the most recent BT5, so I'm curious.

Copyright ©2020 Caendra, Inc.