Metasploit mailing list archives
Metasploit pen testing questions
From: regence21 at hotmail.com (Regence 21)
Date: Thu, 11 Nov 2004 00:56:39 +0000
Thanks for the pointers on ftp and tftp! It seems like ntlm_auth isn't enabled on the squid server, which explains why that exploit doesn't work. The samba target box is running Fedora Core 2 and Samba 2.2.0. smbclient -l works fine. When I run the samba_nttrans exploit with a 2.2 brute force target, it does 819 attempts. When I try the Samba Complete brute force it does 1966 attempts. Neither exploit appears to work - it sets up the SMB session, establishes tree connection ,sends first nttrans component then completes the range over and over. samba_trans2open exploit is similar - it tries an endless number of return addresses and no connection is made. I couldn't see anything obvious in the samba logs.
Current thread:
- Metasploit pen testing questions Regence 21 (Nov 10)
- Metasploit pen testing questions Sam Gorton (Nov 10)
- Metasploit pen testing questions mmiller at hick.org (Nov 10)
- Metasploit pen testing questions H D Moore (Nov 12)
- <Possible follow-ups>
- Metasploit pen testing questions Israel Torres (Nov 10)
- Metasploit pen testing questions Regence 21 (Nov 10)
- Metasploit pen testing questions Phyo Arkar Lwin (Nov 16)
- Metasploit pen testing questions Guy Incognito (Nov 16)
- Metasploit pen testing questions Phyo Arkar Lwin (Nov 16)
- Metasploit pen testing questions Guy Incognito (Nov 16)