Metasploit mailing list archives
Queries on CABRIGHTSTOR exploit
From: 3shool at gmail.com (3 shool)
Date: Thu, 27 Oct 2005 12:29:42 +0530
On Wed, Oct 26, 2005 at 06:06:05PM +0530, 3 shool wrote:

The first server was running a vulnerable version of CA licencing server and I was able to get a remote shell using relevant exploit in metasploit. The second server is vulnerable to CA brightstor universal agent, as reported by Nessus and verified once again by another scan. The framework has a relevant exploit named "cabrightstor_uniagent" to exploit this vulnerability. The remote OS is Windows 2000 and the service is listening on default 6050 port. I ran the exploit with magic target and all available payloads, one by one, but this one is not able to exploit the remote service. I feel I might have done something wrong hence I tried all possibilities a couple of times but no luck! Here is what I gave:

LHOST: my local machine IP 192.168.1.3
RHOST: vulnerable server's IP
TARGET: 0
PAYLOAD: win32, win32_reverse_ord, win32_reverse_ord_vncinject
CMD: dir

Just a guess, but is the vulnerable machine somewhere else on the internet or is on the local LAN? In other words, can the vulnerable machine communicate with 192.168.1.3? I'd guess that's what your problem is. You might be better off using the bind payloads if you're unsure, although you will be subject to any inbound filtering the target machine has. It's also possible that the address being used by the exploit may not be working correctly on the target machine. You'd need to do some analysis to determine this.
The vulnerable machine is on the internet. But I also tried the CMD execution payload which I feel should work in this case. And there isn't a bind payload for this module. Any idea how I can create one? I would appreciate some more pointers from experts.