Metasploit mailing list archives

Metasploit pen testing questions

From: regence21 at hotmail.com (Regence 21)
Date: Thu, 11 Nov 2004 00:56:39 +0000

Thanks for the pointers on ftp and tftp!

It seems like ntlm_auth isn't enabled on the squid server, which explains 
why that exploit doesn't work.

The samba target box is running Fedora Core 2 and Samba 2.2.0. smbclient -l 
works fine.

When I run the samba_nttrans exploit with a 2.2 brute force target, it does 
819 attempts. When I try the Samba Complete brute force it does 1966 
attempts. Neither exploit appears to work - it sets up the SMB session, 
establishes tree connection ,sends first nttrans component then completes 
the range over and over.

samba_trans2open exploit is similar - it tries an endless number of return 
addresses and no connection is made. I couldn't see anything obvious in the 
samba logs.

Current thread:

Metasploit pen testing questions Regence 21 (Nov 10)
- Metasploit pen testing questions Sam Gorton (Nov 10)
- Metasploit pen testing questions mmiller at hick.org (Nov 10)
- Metasploit pen testing questions H D Moore (Nov 12)
- <Possible follow-ups>
- Metasploit pen testing questions Israel Torres (Nov 10)
- Metasploit pen testing questions Regence 21 (Nov 10)
- Metasploit pen testing questions Phyo Arkar Lwin (Nov 16)
  - Metasploit pen testing questions Guy Incognito (Nov 16)
    - Metasploit pen testing questions Phyo Arkar Lwin (Nov 16)