Metasploit mailing list archives
Re: what cause this error??
From: n4net_spy at yahoo.com (net spy)
Date: Fri, 12 May 2006 09:47:10 +0100 (BST)
Hi thank Rhys.Ive tried terminal service by using tsgrinder-2.03 which is realy a go0d tool but im facing some sort of porblem to bruteforce the password.i sucessfuly got the remote login screen but failed to get password.might caz of shot list of password file any other idea.since i tried dictionary attack to brutforce the password.i will be glade for ur kind response. Regards Net_Spy Rhys Kidd <rhyskidd at gmail.com> wrote: v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);} st1\:*{behavior:url(#default#ieooui) } Net Spy, Metasploit isn?t really designed to scan a system for vulnerabilities in its currently released versions. It might be best to look at a tool such as Nessus to do the scanning of open ports to see if vulnerabilities lie or grab the banners and compare to OSVDB or Secunia, and then go about using Metasploit to confirm a risk exists. Although, if you?re really doing an authorised pen-test, I?d probably focus on RDP (TCP/3389) to see if you can bruteforce usernames/passwords first. IIS6.0 is comparatively secure these days to the old IIS versions. Maybe have a read up on web application attacks too. Please research the bugs before posting, not much reason to point-and-sploit LSASS overflows if the system is patched. --------------------------------- From: net spy [mailto:n4net_spy at yahoo.com] Sent: Monday, 8 May 2006 8:25 PM To: framework at metasploit.com Subject: Re: [framework] Re: what cause this error?? HI thankz for your kind response so far i can,,,, well ive found go0d open portz n services running on there here is the list below.information is windows 2003 ,IIS6.0,asp dot net,mysql,apache (win32)1.3.x.,config remote terminal,mail server,https.any idea to test this server using metasploit.your kind help would be helpful for me. port are open 25 53 80 1433 2103 2105 2107 3306 3389 8080 8401 8402 9999 H D Moore <hdm at metasploit.com> wrote: Hello, Session request failed just means that the exploit was not able to login to the remote SMB service. Windows 2003 SP1 is not vulnerable to this exploit anyways. -HD On Sunday 07 May 2006 04:41, net spy wrote: > HI > > how are you all (member of metasploit list).Im having a problem > using bind shell payload with lsass.exe overflow exploit. > > i use lsass exploit and set payload to win32_bind.and set the > remote port to 1030 where the service is running on remote.and my > local port set to default 4444.Im using windows 2003 with sp1.Im > testing my friendz website.The error i got is Session request failed > *SMBSERVER.exing bind handler.any help would be helpful for me it will > improve my pentest experience. > > Regards > Net_Spy > > Send instant messages to your online friends > http://uk.messenger.yahoo.com Send instant messages to your online friends http://uk.messenger.yahoo.com Send instant messages to your online friends http://uk.messenger.yahoo.com -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20060512/cdf1f6e3/attachment.htm>
Current thread:
- what cause this error?? net spy (May 07)
- Re: what cause this error?? H D Moore (May 07)
- Re: what cause this error?? net spy (May 08)
- Re: what cause this error?? Rhys Kidd (May 08)
- Re: what cause this error?? net spy (May 12)
- Re: what cause this error?? AgentSmith15 (May 12)
- Re: what cause this error?? H D Moore (May 12)
- Re: what cause this error?? net spy (May 08)
- Re: what cause this error?? H D Moore (May 07)