Metasploit mailing list archives

Meterpreter Reporting wrong windows Version


From: carlos_perez at darkoperator.com (Carlos Perez)
Date: Wed, 31 Dec 2008 16:35:37 -0400

Hi

I'm running the following version of the framework:
Framework: 3.3-dev.5962
Console  : 3.3-dev.6052

ruby:
ruby 1.8.7 (2008-08-11 patchlevel 72) [i486-linux]

On Windows Vista and 2008 I'm getting them identified as Windows 2000.
In fact, when I try to run Meterpreter on my Windows 2000 lab machines, for
some reason it fails to run, while on WinXP, WinVista, Win2k3 and Win2k8 it runs
without a problem.

On a Windows Vista Business clean install I get the following:

meterpreter > sysinfo
Computer: LH-ATL4IME2HD94
OS      : Windows 2000 (Build 6000, ).

meterpreter > execute -H -f cmd -d "/k ver" -i
Process 1484 created.
Channel 2 created.
Microsoft Windows [Version 6.0.6000]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\Carlos\Desktop>exit

on Windows 2008 Clean Install:

meterpreter > sysinfo
Computer: WIN2K8
OS      : Windows 2000 (Build 6001, Service Pack 1).

meterpreter > execute -f cmd -i -o "ver"
Process 3048 created.
Channel 1 created.
Microsoft Windows [Version 6.0.6001]
Copyright (c) 2006 Microsoft Corporation.  All rights reserved.

C:\Users\Administrator\Desktop>

on Windows 2003 (working Correctly):

meterpreter > sysinfo
Computer: WIN2K301
OS      : Windows .NET Server (Build 3790, Service Pack 2).
meterpreter >

on Windows XP SP3 (Working Correctly):

meterpreter > sysinfo
Computer: WINXPVM01
OS      : Windows XP (Build 2600, Service Pack 3).
meterpreter >

on Windows 2000 it will just not run:
[*] Handler binding to LHOST 192.168.1.108
[*] Started reverse handler
[*] Starting the payload handler...
[*] Transmitting intermediate stager for over-sized stage...(191 bytes)
[*] Sending stage (2650 bytes)
[*] Sleeping before handling stage...
[*] Uploading DLL (75787 bytes)...
[*] Upload completed.
[*] Meterpreter session 1 opened (192.168.1.108:4444 -> ??)

In .msf3/logs/framework.log I get this:

[12/31/2008 16:34:18] [e(0)] core: Exception raised from handle_connection:
Connection reset by peer

/home/carlos/msf3/lib/rex/io/stream.rb:40:in `syswrite'
/home/carlos/msf3/lib/rex/io/stream.rb:40:in `write'
/home/carlos/msf3/lib/rex/io/stream.rb:126:in `timed_write'
/home/carlos/msf3/lib/rex/io/stream.rb:157:in `put'
/home/carlos/msf3/lib/msf/core/payload/windows/dllinject.rb:226:in
`handle_connection_stage'
/home/carlos/msf3/lib/msf/core/payload/stager.rb:119:in `handle_connection'
/home/carlos/msf3/lib/msf/core/handler/reverse_tcp.rb:129:in `start_handler'
/home/carlos/msf3/lib/msf/core/handler/reverse_tcp.rb:127:in `initialize'
/home/carlos/msf3/lib/msf/core/handler/reverse_tcp.rb:127:in `new'
/home/carlos/msf3/lib/msf/core/handler/reverse_tcp.rb:127:in `start_handler'
/home/carlos/msf3/lib/msf/core/handler/reverse_tcp.rb:107:in `initialize'
/home/carlos/msf3/lib/msf/core/handler/reverse_tcp.rb:107:in `new'
/home/carlos/msf3/lib/msf/core/handler/reverse_tcp.rb:107:in `start_handler'
/home/carlos/msf3/lib/msf/core/exploit.rb:401:in `setup'
/home/carlos/msf3/lib/msf/core/exploit_driver.rb:173:in `job_run_proc'
/home/carlos/msf3/lib/msf/core/exploit_driver.rb:144:in `run'
/home/carlos/msf3/lib/msf/base/simple/exploit.rb:121:in `exploit_simple'
/home/carlos/msf3/lib/msf/base/simple/exploit.rb:142:in `exploit_simple'
/home/carlos/msf3/lib/msf/ui/console/command_dispatcher/exploit.rb:118:in
`cmd_exploit'
/home/carlos/msf3/lib/rex/ui/text/dispatcher_shell.rb:234:in `send'
/home/carlos/msf3/lib/rex/ui/text/dispatcher_shell.rb:234:in `run_command'
/home/carlos/msf3/lib/rex/ui/text/dispatcher_shell.rb:196:in `run_single'
/home/carlos/msf3/lib/rex/ui/text/dispatcher_shell.rb:191:in `each'
/home/carlos/msf3/lib/rex/ui/text/dispatcher_shell.rb:191:in `run_single'
/home/carlos/msf3/lib/rex/ui/text/shell.rb:127:in `run'
./msfconsole:78