Penetration Testing mailing list archives
RE: Pen Test help
From: "Juda Barnes" <judab () pent900 com>
Date: Sun, 17 Jul 2005 21:32:51 +0200
Hi Moore I have thought about this options therefor I tried to use the CMD options (I didn't know we have check command) Anyway the machine have 53/tcp open port so if I will have the right exploit I will be able to bind to 53 the shell till there I am scrue ;-( msf iis50_webdav_ntdll(win32_exec) > check [*] Server does not appear to be vulnerable :( Well I tried most of the framework exploits none of them work. Looking for furthere info Thank you -----Original Message----- From: H D Moore [mailto:sflist () digitaloffense net] Sent: Saturday, July 16, 2005 9:39 PM To: pen-test () securityfocus com Subject: Re: Pen Test help Could it be that the firewall is preventing you from accessing the win32_bind port and blocking the outbound connection from win32_reverse? You may want to try exploiting this from an external system and using win32_reverse with a different LPORT value (53, 25, 80, etc). If the "check" command in the WebDAV exploit thinks the system is vulnerable, there is a pretty good chance that it is. -HD On Saturday 16 July 2005 10:14, Juda Barnes wrote:
I allready used that I am unable to get win32_reverse or win32_bind With the two exploits nsiislog_post and webdav_ntdll Any other ideas ? -----Original Message----- From: er t [mailto:er587 () hotmail com] Sent: Friday, July 15, 2005 5:48 PM To: securityfocus () mymail pent900 com; pen-test () securityfocus com Subject: RE: Pen Test help Try Metasploit NSIISLOG.DLL - http://www.metasploit.com/projects/Framework/exploits.html#iis_nsiislog _post WebDav Remote exploit MS03-007 - http://www.metasploit.com/projects/Framework/exploits.html#iis50_webdav _ntdl l
Current thread:
- Pen Test help Juda Barnes (Jul 14)
- <Possible follow-ups>
- RE: Pen Test help er t (Jul 15)
- RE: Pen Test help Juda Barnes (Jul 16)
- Re: Pen Test help H D Moore (Jul 16)
- RE: Pen Test help Juda Barnes (Jul 17)
- Re: Pen Test help H D Moore (Jul 18)
- RE: Pen Test help Juda Barnes (Jul 16)
- Re: Pen Test help H D Moore (Jul 18)