Metasploit mailing list archives

smb2_negotiate_func_index problem

From: Darren.Shady at sunh.com (Darren Shady)
Date: Thu, 1 Oct 2009 17:06:53 -0600

Are u trying to connect to 445 over the Internet? Most isps block that. Or did I just misunderstand your setup? 
Darren Shady 

This E-mail and any attachments may be privileged, confidential, and/or proprietary. If you are not the intended 
recipient of this email, please delete it and do not read, distribute, or reproduce it. The unauthorized use of this 
e-mail is strictly prohibited. 
Thank you.

________________________________

From: framework-bounces at spool.metasploit.com <framework-bounces at spool.metasploit.com> 
To: framework at spool.metasploit.com <framework at spool.metasploit.com> 
Sent: Thu Oct 01 16:44:39 2009
Subject: [framework] smb2_negotiate_func_index problem 


Hi all, 

I recently tried out the new smb2_negotiate_func_index exploit on a Windows Vista machine in my LAN. As you know, there 
are no patches for this vulnerability, so I expected it to work like a charm. However, nothing happened after waiting 
for 180 seconds and the output said: "Exploit completed, but no session was created". I looked to my Vista machine, and 
nothing at all happened. 

Can anyone please explain why the 'sploit did not work as expected? 

Here is the configuration. 


Windows XP Laptop 
     (attacker)             --------------------------- Wireless Router ------------------------------- Windows Vista 
Laptop
                                                                       |                                                
 (victim)
                                                                       |
                                                                       |
                                                                       |
                                                                 Modem (Internet Gateway) 
                                                                       |
                                                                       |
                                                             (Internet cloud)


Any help on this matter will be greatly appreciated! 

Sincerely, 

Professor 0110
This e-mail and any attachments may be privileged, confidential, and/or proprietary. If you are not the intended 
recipient of this email, please delete it and do not read, distribute, or reproduce it. The unauthorized use of this 
e-mail is strictly prohibited. Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20091001/eaa20c85/attachment.html>

Current thread:

smb2_negotiate_func_index problem Professor 0110 (Oct 01)
- smb2_negotiate_func_index problem HD Moore (Oct 01)
- smb2_negotiate_func_index problem Lukas Kuzmiak (Oct 01)
- <Possible follow-ups>
- smb2_negotiate_func_index problem Darren Shady (Oct 01)
  - smb2_negotiate_func_index problem Professor 0110 (Oct 01)
    - smb2_negotiate_func_index problem c0lists (Oct 01)
    - smb2_negotiate_func_index problem Patrick Webster (Oct 01)