Metasploit mailing list archives

Re: what cause this error??

From: n4net_spy at yahoo.com (net spy)
Date: Fri, 12 May 2006 09:47:10 +0100 (BST)

Hi
   
    thank Rhys.Ive tried terminal service by using tsgrinder-2.03  which is realy a go0d tool but im facing some sort 
of porblem to  bruteforce the password.i sucessfuly got the remote login screen but  failed to get password.might caz 
of shot list of password file any  other idea.since i tried dictionary attack to brutforce the password.i  will be 
glade for ur kind response.
  
   Regards
     Net_Spy

Rhys Kidd <rhyskidd at gmail.com> wrote:              v\:* {behavior:url(#default#VML);} o\:* 
{behavior:url(#default#VML);} w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);}        
st1\:*{behavior:url(#default#ieooui) }                              Net Spy,
     
    Metasploit isn?t really designed to  scan a system for vulnerabilities in its currently released versions. It might 
 be best to look at a tool such as Nessus to do the scanning of open ports to  see if vulnerabilities lie or grab the 
banners and compare to OSVDB or Secunia,  and then go about using Metasploit to confirm a risk exists.
     
    Although, if you?re really doing an  authorised pen-test, I?d probably focus on RDP (TCP/3389) to see if you  can 
bruteforce usernames/passwords first. IIS6.0 is comparatively secure these  days to the old IIS versions.
     
    Maybe have a read up on web application  attacks too.
     
    Please research the bugs before posting,  not much reason to point-and-sploit LSASS overflows if the system is 
patched.
     
            
---------------------------------
    
    From:  net spy [mailto:n4net_spy at yahoo.com] 
  Sent: Monday, 8 May 2006 8:25 PM
  To: framework at metasploit.com
  Subject: Re: [framework] Re: what  cause this error??
    
     
    HI
    
   thankz for your kind response so far i can,,,, well ive found go0d open  portz n services running on there here is 
the list below.information is windows  2003 ,IIS6.0,asp dot net,mysql,apache (win32)1.3.x.,config remote terminal,mail  
server,https.any idea to test this server using metasploit.your kind help would  be helpful for me.
  
  port are open
  
  25
  53
  80
  1433
  2103
  2105
  2107
  3306
  3389
  8080
  8401
  8402
  9999
  
  
  H D Moore <hdm at metasploit.com>  wrote:
    Hello,
  
  Session request failed just means that the exploit was not able to login 
  to the remote SMB service. Windows 2003 SP1 is not vulnerable to this 
  exploit anyways.
  
  -HD
  
  On Sunday 07 May 2006 04:41, net spy wrote:
  > HI
  >
  > how are you all (member of metasploit list).Im having a problem
  > using bind shell payload with lsass.exe overflow exploit.
  >
  > i use lsass exploit and set payload to win32_bind.and set the 
  > remote port to 1030 where the service is running on remote.and my 
  > local port set to default 4444.Im using windows 2003 with sp1.Im 
  > testing my friendz website.The error i got is Session request failed
  > *SMBSERVER.exing bind handler.any help would be helpful for me it will
  > improve my pentest experience.
  >
  > Regards
  > Net_Spy
  >
  > Send instant messages to your online friends
  > http://uk.messenger.yahoo.com
     
    Send  instant messages to your online friends http://uk.messenger.yahoo.com 
    
    

Send instant messages to your online friends http://uk.messenger.yahoo.com 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20060512/cdf1f6e3/attachment.htm>

Current thread:

what cause this error?? net spy (May 07)
- Re: what cause this error?? H D Moore (May 07)
  - Re: what cause this error?? net spy (May 08)
    - Re: what cause this error?? Rhys Kidd (May 08)
    - Re: what cause this error?? net spy (May 12)
    - Re: what cause this error?? AgentSmith15 (May 12)
    - Re: what cause this error?? H D Moore (May 12)