Metasploit mailing list archives

Re: what cause this error??

From: rhyskidd at gmail.com (Rhys Kidd)
Date: Mon, 8 May 2006 20:53:03 +0800

Net Spy,

 

Metasploit isn't really designed to scan a system for vulnerabilities in its
currently released versions. It might be best to look at a tool such as
Nessus to do the scanning of open ports to see if vulnerabilities lie or
grab the banners and compare to OSVDB or Secunia, and then go about using
Metasploit to confirm a risk exists.

 

Although, if you're really doing an authorised pen-test, I'd probably focus
on RDP (TCP/3389) to see if you can bruteforce usernames/passwords first.
IIS6.0 is comparatively secure these days to the old IIS versions.

 

Maybe have a read up on web application attacks too.

 

Please research the bugs before posting, not much reason to point-and-sploit
LSASS overflows if the system is patched.

 

  _____  

From: net spy [mailto:n4net_spy at yahoo.com] 
Sent: Monday, 8 May 2006 8:25 PM
To: framework at metasploit.com
Subject: Re: [framework] Re: what cause this error??

 

HI
  
 thankz for your kind response so far i can,,,, well ive found go0d open
portz n services running on there here is the list below.information is
windows 2003 ,IIS6.0,asp dot net,mysql,apache (win32)1.3.x.,config remote
terminal,mail server,https.any idea to test this server using
metasploit.your kind help would be helpful for me.

port are open

25
53
80
1433
2103
2105
2107
3306
3389
8080
8401
8402
9999


H D Moore <hdm at metasploit.com> wrote:

Hello,

Session request failed just means that the exploit was not able to login 
to the remote SMB service. Windows 2003 SP1 is not vulnerable to this 
exploit anyways.

-HD

On Sunday 07 May 2006 04:41, net spy wrote:

HI

how are you all (member of metasploit list).Im having a problem
using bind shell payload with lsass.exe overflow exploit.

i use lsass exploit and set payload to win32_bind.and set the 
remote port to 1030 where the service is running on remote.and my 
local port set to default 4444.Im using windows 2003 with sp1.Im 
testing my friendz website.The error i got is Session request failed
*SMBSERVER.exing bind handler.any help would be helpful for me it will
improve my pentest experience.

Regards
Net_Spy

Send instant messages to your online friends
http://uk.messenger.yahoo.com


 

Send instant messages to your online friends http://uk.messenger.yahoo.com 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20060508/32994f78/attachment.htm>

Current thread:

what cause this error?? net spy (May 07)
- Re: what cause this error?? H D Moore (May 07)
  - Re: what cause this error?? net spy (May 08)
    - Re: what cause this error?? Rhys Kidd (May 08)
    - Re: what cause this error?? net spy (May 12)
    - Re: what cause this error?? AgentSmith15 (May 12)
    - Re: what cause this error?? H D Moore (May 12)