Metasploit mailing list archives
easy one to answer: getting started on windows rsh daemon exploit
From: tim.e.mcguire at gmail.com (Timothy McGuire)
Date: Thu, 15 May 2008 20:30:02 -0500
I installed rsh daemon version 1.8 on an old machine of mine (Windows XP SP2) for testing. I am running rsh daemon in debug mode. Here is what I see on the target machine:

Client Port: 1002...
[15] Sending null byte result...
[15] Executing '#r+e}83 ..... etc, etc, etc, etc ....... PAA
C:\DOCUME~1\myname\LOCALS~1\temp\s648.m
2>C:\DOCUME~1\myname\LOCALS~1\Temp\s648.n'...
was unexpected at this time.
[15] sending results...
*** [15] ERROR: Cannot open temporary file...
[15] Winsock error: Error number = 12.

My settings:
payload = shell_reverse_tcp
CPORT = 1008

In the metasploit console, I see:

[*] Started bind handler
[*] Trying target Windows XP Pro SP2 English...
[*] Command shell session 6 opened (00.00.00.104:52294 -> 00.00.00.106:1021)

and then it gives me back the msf exploit (windows_rsh) prompt. It seems like it worked, but I'm not seeing a shell. Should there be one? Should I be focusing on the errors I see on the remote machine?

Later, I tried the install user payload; I saw an error that the password did not meet complexity standards. After that, rshd fell down and couldn't get back up.

Thanks for any insight.