Metasploit mailing list archives
Re: smb_sniffer and browser autopwn
From: Richard Miles <richard.k.miles () googlemail com>
Date: Mon, 16 Aug 2010 23:56:54 -0500
No one? On Sun, Aug 15, 2010 at 4:07 PM, Richard Miles <richard.k.miles () googlemail com> wrote:
Hi I was using smb_sniffer module and I see a few times a few connections like this New Connection from 10.1.1.3 Fir Aug 15 09:10:45 2010 10.1.1.3 1122334455667788 00 0000000000000000000000000000000000000000000000000 Windows Server 2003 R2 3790 Service Pack 2 My question is, why is missing the username and group? Also, why the hash is a full 0000000...? I mean, it's not because the system is configured with high secure like just accept NTLMv2 and refuse all others. Why it happens? About metasploit autopwn, it's constantly updated? I mean, if a new IE or Java bug is found and a exploit is created for metasploit, it automatically will be detected and loaded by browser autopwn? Or a developer has to modify the code to include it? Thanks
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- smb_sniffer and browser autopwn Richard Miles (Aug 15)
- Re: smb_sniffer and browser autopwn Richard Miles (Aug 16)
- Re: smb_sniffer and browser autopwn Kurt Grutzmacher (Aug 17)
- Re: smb_sniffer and browser autopwn Richard Miles (Aug 17)
- Re: smb_sniffer and browser autopwn egypt (Aug 17)
- Message not available
- Re: smb_sniffer and browser autopwn egypt (Aug 27)
- Re: smb_sniffer and browser autopwn Kurt Grutzmacher (Aug 17)
- Re: smb_sniffer and browser autopwn Richard Miles (Aug 16)
- Re: smb_sniffer and browser autopwn Richard Miles (Aug 17)