Metasploit mailing list archives

Re: Problems with metsvc


From: David Gomes <skysbsb () gmail com>
Date: Tue, 20 Oct 2009 17:29:09 -0200

I had tried with a clean checkout:

root@skys-laptop:/pentest/exploits# svn co https://metasploit.com/svn/framework3/trunk fm3
root@skys-laptop:/pentest/exploits# cd fm3
root@skys-laptop:/pentest/exploits/fm3# svn info
Path: .
URL: https://metasploit.com/svn/framework3/trunk
Repository Root: https://metasploit.com/svn
Repository UUID: 4d416f70-5f16-0410-b530-b9f4589650da
Revision: 7214
Node Kind: directory
Schedule: normal
Last Changed Author: hdm
Last Changed Rev: 7214
Last Changed Date: 2009-10-20 16:43:27 -0200 (Tue, 20 Oct 2009)

and tried everything again... but it fails as before

tcpdump:
root@skys-laptop:/pentest/exploits/fm3# tcpdump -i eth2 -n port 31337
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth2, link-type EN10MB (Ethernet), capture size 96 bytes
17:21:18.482093 IP 192.168.1.70.46479 > 192.168.1.74.31337: S 4015369726:4015369726(0) win 5840 <mss 1460,sackOK,timestamp 16139870 0,nop,wscale 6>
17:21:18.483443 IP 192.168.1.74.31337 > 192.168.1.70.46479: S 2245439226:2245439226(0) ack 4015369727 win 64240 <mss 1460,nop,wscale 0,nop,nop,timestamp 0 0,nop,nop,sackOK>
17:21:18.483498 IP 192.168.1.70.46479 > 192.168.1.74.31337: . ack 1 win 92 <nop,nop,timestamp 16139870 0>
17:21:18.514326 IP 192.168.1.74.31337 > 192.168.1.70.46479: F 1:1(0) ack 1 win 64240 <nop,nop,timestamp 67360 16139870>
17:21:18.518892 IP 192.168.1.70.46479 > 192.168.1.74.31337: . ack 2 win 92 <nop,nop,timestamp 16139881 67360>


root@skys-laptop:/pentest/exploits/fm3# md5sum data/meterpreter/metsrv.dll
41cce8dcb5e0ed094047060c239168c0  data/meterpreter/metsrv.dll

root@skys-laptop:/pentest/exploits/fm3# ./msfconsole

#    # ###### #####   ##    ####  #####  #       ####  # #####
##  ## #        #    #  #  #      #    # #      #    # #   #
# ## # #####    #   #    #  ####  #    # #      #    # #   #
#    # #        #   ######      # #####  #      #    # #   #
#    # #        #   #    # #    # #      #      #    # #   #
#    # ######   #   #    #  ####  #      ######  ####  #   #


       =[ msf v3.3-dev [core:3.3 api:1.0]
+ -- --=[ 432 exploits - 261 payloads
+ -- --=[ 21 encoders - 8 nops
       =[ 197 aux

msf > use exploit/multi/handler
msf exploit(handler) > set RHOST 192.168.1.74
RHOST => 192.168.1.74
msf exploit(handler) > set PAYLOAD windows/metsvc_bind_tcp
PAYLOAD => windows/metsvc_bind_tcp
msf exploit(handler) > set LPORT 31337
LPORT => 31337
msf exploit(handler) > exploit

[*] Starting the payload handler...
[*] Started bind handler


On Tue, Oct 20, 2009 at 4:52 PM, HD Moore <hdm () metasploit com> wrote:

On Tue, 2009-10-20 at 16:37 -0200, David Gomes wrote:
I think there is some problem with the protocol... I made everything
right and it just doesn't work..

Please try a fresh checkout of metasploit and give that another shot --
I am working on integrating metsvc with the metasploit trunk now and
automating what you are doing via a new meterpreter script. This should
let us nail down any issues going forward.

-HD

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework
