Metasploit mailing list archives
Problem between 2.5 and 3 Alpha 2 - dcom_ms03_026
From: kenzo_chin at hotmail.com (ken zo)
Date: Mon, 16 Jan 2006 16:45:48 -0600
I don't know if this will help, but did you check to make sure that the Firewall was disabled? I believe Suse10 automatically starts the firewall by default and doesn't open any ports.
From: Christian Liesegang <masterl_dae at gmx.de> To: framework at metasploit.com Subject: [framework] Problem between 2.5 and 3 Alpha 2 - dcom_ms03_026 Date: Mon, 16 Jan 2006 20:50:15 +0100 MIME-Version: 1.0 Received: from sugar.14x.net ([66.234.161.200]) by bay0-mc5-f9.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Mon, 16 Jan 2006 11:52:28 -0800 Received: (qmail 13063 invoked by uid 1006); 16 Jan 2006 13:49:49 -0600 Received: (qmail 227 invoked from network); 16 Jan 2006 13:49:48 -0600 X-Message-Info: 6sSXyD95QpX04MKU6OaDr48jtjOIxnxsvF218/AfFAU= Mailing-List: contact framework-help at metasploit.com; run by ezmlm Precedence: bulk X-No-Archive: yes List-Post: <mailto:framework at metasploit.com> List-Help: <mailto:framework-help at metasploit.com> List-Unsubscribe: <mailto:framework-unsubscribe at metasploit.com> List-Subscribe: <mailto:framework-subscribe at metasploit.com> Delivered-To: mailing list framework at metasploit.com X-Authenticated: #1867461 User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: de-DE, de, en-us, en X-Y-GMX-Trusted: 0 Return-Path: framework-return-818-kenzo_chin=hotmail.com at metasploit.com X-OriginalArrivalTime: 16 Jan 2006 19:52:28.0854 (UTC) FILETIME=[618C3560:01C61AD6] Hello , during the last weeks I experimented with the 2.5 framework using the windows version and exploited successfully a window 2000 in a virtual machine. Now I set up a Suse 10 in a Virual Maschine, too. I tried to play around with the Framework 3.0 and tried the same exploit (dcom_ms03_026) on the same w2k box from the SuSE 10, but this time I got: [*] Started reverse handler [*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal... [*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0 at ncacn_ip_tcp:192.168.152.3[135] ... [*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0 at ncacn_ip_tcp:192.168.152.3[135] ... [*] sending exploit ... [-] Exploit failed: DCERPC FAULT => 0x000006f7 My SuSE Box comes with Ruby 1.8.2 so I think it should work. While the 3.0 fails, I could exploit with the 2.5 again and again. I would be very thankful if someone could give my a hint. Regards
_________________________________________________________________ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Current thread:
- Problem between 2.5 and 3 Alpha 2 - dcom_ms03_026 Christian Liesegang (Jan 16)
- Problem between 2.5 and 3 Alpha 2 - dcom_ms03_026 H D Moore (Jan 16)
- Problem between 2.5 and 3 Alpha 2 - dcom_ms03_026 ken zo (Jan 16)
- Problem between 2.5 and 3 Alpha 2 - dcom_ms03_026 Christian Liesegang (Jan 17)