Metasploit mailing list archives
Finding Shell. DEBUGLEVEL 5.
From: arcangel at phreaker.net (Arcangel)
Date: Tue, 5 Oct 2004 11:17:48 -0300
I tried with debuglevel 5 and only show me the this aditional information --> "KILLING CHILD:2960" [*] Starting Bind Handler. [*] REMOTE> 220 ftp Server Ready... [*] REMOTE> 331 User name okay, need password. [*] REMOTE> 230 User logged in, proceed. [*] REMOTE> 227 Entering Passive Mode (127.0.0.1, 4,106) [*] Trying to explot target ServU 5.0.0.0 ServUDaemon.exe [*] Got Connection from 127.0.0.1:114 KILLING CHILD:2960 [*] Exiting Handler. Arc. ----- Original Message ----- From: "[Arcangel]" <arcangel at phreaker.net> To: "Framework" <framework at metasploit.com> Sent: Tuesday, October 05, 2004 2:13 AM Subject: Re: [framework] Finding Shell. more information.
Hi, Thanks for the answers. I change the LPORT several times and nothing. I used reverses payloads and nothing... I have no idea what is happen... Arc, ----- Original Message ----- From: <ninjatools at hush.com> To: "[Arcangel]" <arcangel at phreaker.net> Cc: <framework at metasploit.com> Sent: Monday, October 04, 2004 9:13 PM Subject: Re: [framework] Finding Shell. more information.-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Try a reverse payload, something could be happening funny with bind, or if you have previously owned with that LPORT, a listener could be floating around or something weird. Try changing your LPORT, but more likely try a reverse shell and see if that works. reverse shells are pretty much always more reliable than bind (as a rule of thumb), and I'd suggest exclusively using reverse. On Mon, 04 Oct 2004 16:52:07 -0700 "[Arcangel]" <arcangel at phreaker.net> wrote:I dont know if this is important but as it says in the documentation the Serv-U ftp Server dies when I run the exploit. I have Win XP SP2. bye. Arc.Hi list: I recently started using Metasploit Framework. I have aproblemexploiting the "servu_mdtm_overflow". I set up a temporary Serv-U Ftpserver 5.0.0.0 (in my PC) to test this vulnerability. When I tried toexplote Itseems that it works, but there is no shell at all. Something similar happened when I tried with another exploit. this is the banner: msf servu_mdtm_overflow(win32_bind) > exploit [*] Starting Bind Handler. [*] REMOTE> 220 ftp Server Ready... [*] REMOTE> 331 User name okay, need password. [*] REMOTE> 230 User logged in, proceed. [*] REMOTE> 227 Entering Passive Mode (127.0.0.1, 14,39) [*] Trying to explot target ServU 5.0.0.0 ServUDaemon.exe [*] Got Connection from 127.0.0.1:4444 [*] Exiting Handler. msf servu_mdtm_overflow(win32_bind) > where is the shell?? I also tried whit my Internet IP (not local 127.0....) but nothing. I have no Firewall. Thanks, Arc.-----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.4 wkYEARECAAYFAkFh5x4ACgkQtCeTLzI39eMn6wCbBF+Z9XqAc6pK7zHbs13RlKOyqU8A oKB68duzl71zysZzPP552evl+c83 =v6XG -----END PGP SIGNATURE----- Concerned about your privacy? Follow this link to get secure FREE email: http://www.hushmail.com/?l=2 Free, ultra-private instant messaging with Hush Messenger http://www.hushmail.com/services-messenger?l=434 Promote security and make money with the Hushmail Affiliate Program: http://www.hushmail.com/about-affiliate?l=427
Current thread:
- Finding Shell. DEBUGLEVEL 5. Arcangel (Oct 05)
- Finding Shell. DEBUGLEVEL 5. H D Moore (Oct 05)