Metasploit mailing list archives
Question
From: one.miguel at gmail.com (one.miguel at gmail.com)
Date: Sat, 24 Feb 2007 16:15:34 -1000
What's happening is that you're machine is waiting for connections to port 8080. Your victim machine would need to open a connection to http://127.0.0.1:8080 in order to get exploited. I suggest reading through the metasploit manuals and reading the exploit writeups: msf > info winamp_playlist_unc On 2/24/07, Pierrick Plamondon <plamon at damas.ift.ulaval.ca> wrote:
OK maybe it is way I get this message... But, also I tried to install winamp 5.12 from there http://www.filehippo.com/download_winamp/?613 Then you can see what I did here : msf winamp_playlist_unc(win32_exec) > show options Exploit and Payload Options =========================== Exploit: Name Default Description -------- -------- --------- ------------------------------------------- optional REALHOST 127.0.0.1 External address to use for redirects (NAT) optional HTTPHOST 127.0.0.1 The local HTTP listener host required HTTPPORT 8080 The local HTTP listener port Payload: Name Default Description -------- -------- ------- ------------------------------------------ required EXITFUNC process Exit technique: "process", "thread", "seh" required CMD dir The command string to execute Target: Winamp 5.12 Universal msf winamp_playlist_unc(win32_exec) > exploit [*] Waiting for connections to http://127.0.0.1:8080/ Then, nothing happens. Is it normal? I would expect a little message saying the exploit worked and what it did, I don't know. I was told by a professor to prepare some simple examples of exploits for his students to try... Thanks! Pierrick Simple Nomad wrote: Are you actually running an IMAP server on your system? On Sat, 2007-02-24 at 18:52 -0500, Pierrick Plamondon wrote: My windows firewall is turned off. I don't have any anti virus. The IP I put in the RHOST setting is mine. My windows version is XP SP2 English. I really don't see what's wrong. Pierrick H D Moore wrote: The error is a generic response when the exploit could not connect to the host specified by the RHOST setting. Make sure that the RHOST system does not have a firewall (or at least allows RPORT) through. -JD On Saturday 24 February 2007 14:00, Pierrick Plamondon wrote: use mdaemon_imap_cram_md5 set RHOST MY_IP_ADDRESS // I put my IP address here set TARGET 0 set PAYLOAD win32_exec set CMD dir // here I don't really what to write. exploit // then I get the error message Error creating socket: Connection failed: Operation now in progress message
Current thread:
- Question Pierrick Plamondon (Feb 24)