Penetration Testing mailing list archives

Re: Pen Test help


From: H D Moore <sflist () digitaloffense net>
Date: Sun, 17 Jul 2005 22:35:03 -0500

On Sunday 17 July 2005 14:32, Juda Barnes wrote:
> Anyway the machine has 53/tcp open port so if I will have the
> right exploit I will be able to bind to 53 the shell

That won't work. To bind on top of another service under Windows you have 
to specify the local address in the bind() call. The metasploit 
win32_bind payloads do not do this, so it will end up binding a shell to 
some random TCP port instead.

Your best bet is to put your attacking system outside of a firewall and 
use the win32_reverse payloads instead (25, 80, 443, etc).

> msf iis50_webdav_ntdll(win32_exec) > check
> [*] Server does not appear to be vulnerable
> Well, I tried most of the framework exploits; none of them work.

Are you sure that the system is vulnerable to anything? The metasploit 
check seems to disagree with the Nessus scan results, are you using an 
older version of Nessus?

-HD
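
A defender-side check for the bind() behaviour described in the message above, as an added example that is not part of the original post: it flags TCP ports where a wildcard listener and a specific-address listener owned by a different process share the same port. It assumes the column layout of Windows `netstat -ano -p tcp`; the sample output, addresses, PIDs and function names are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample of `netstat -ano -p tcp` output (not from the original post).
SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:53             0.0.0.0:0              LISTENING       1184
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       872
  TCP    192.168.1.5:53         0.0.0.0:0              LISTENING       3920
  TCP    192.168.1.5:139        0.0.0.0:0              LISTENING       4
  TCP    192.168.1.5:1045       10.0.0.8:443           ESTABLISHED     2210
"""

WILDCARDS = {"0.0.0.0", "[::]"}  # "listen on every local address"


def parse_listeners(text):
    """Yield (address, port, pid) for each TCP socket in LISTENING state."""
    for line in text.splitlines():
        f = line.split()
        if len(f) != 5 or f[0] != "TCP" or f[3] != "LISTENING":
            continue
        # rpartition keeps bracketed IPv6 addresses such as [::] intact
        addr, _, port = f[1].rpartition(":")
        yield addr, int(port), int(f[4])


def shadowed_ports(text):
    """Return {port: [(addr, pid), ...]} for ports where a wildcard listener
    and a specific-address listener with a different PID coexist."""
    by_port = defaultdict(set)
    for addr, port, pid in parse_listeners(text):
        by_port[port].add((addr, pid))
    hits = {}
    for port, socks in by_port.items():
        wild_pids = {pid for addr, pid in socks if addr in WILDCARDS}
        # Specific-address listeners not owned by the wildcard listener's process
        extra = [(a, p) for a, p in socks
                 if a not in WILDCARDS and p not in wild_pids]
        if wild_pids and extra:
            hits[port] = sorted(socks)
    return hits


if __name__ == "__main__":
    for port, socks in sorted(shadowed_ports(SAMPLE).items()):
        print(f"port {port}: overlapping listeners {socks}")
```

A hit is a prompt to identify the second process, not proof of compromise, since some services legitimately listen on individual addresses.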

