Blak3 Posted January 8, 2012

Hi there. I saw some very experienced guys here when it comes to pentesting. Maybe I am new here, and I came for a reason. I think I can find some help here, and I would like to solve my problem (I'm 3 days locked at home trying to solve this -.-), so let's begin.

I don't know what the hell is wrong with my BackTrack. As I see it, everyone (except me) has a folder framework3 in /pentest/exploits/ (later I saw that /pentest/exploits/framework should be = /opt/framework/msf3 = the one above). My msf is up to date, v 4.2.0, but still all I've got are the folders framework and framework2. Nvm that, I tried exploiting non-updated Windows XP systems and this is what I've got so far -.-

THIS IS ON SP3 ----using the payload windows/download_exec
[-] Exploit failed: No encoders encoded the buffer successfully.
[*] Exploit completed, but no session was created.

also on sp3 ----using the payload bind_tcp
Automatically detecting the target...
Fingerprint: Windows XP - Service Pack 3
Selected Target: Windows XP SP3 (NX)
Attempting to trigger the vulnerability...
Exploit completed, but no session was created.

sux right? Anyway, now tried on sp2 ----using the payload reverse_tcp
[*] Started reverse handler on 10.10.10.137:4444
[-] Exploit exception: The connection timed out (10.10.10.139:445).
[*] Exploit completed, but no session was created.

I also tried with download_exec but forgot to copy the output; anyway, the last output stays the same ("Exploit completed, but no session was created"). I need help with this badly because I cannot keep pentesting anything else, everything seems screw'd up <_<. Hope I get this done.
bobbyb1980 Posted January 8, 2012

First off, stop using Windows. Also, the location of the console, encoder, etc. is probably /usr/local/bin. You should probably explain what it is you want to do.
Blak3 (Author) Posted January 8, 2012

Seems like you didn't understand my topic, also the other 16 viewers so far. In the topic title I put BackTrack, so probably I'm using BackTrack, but anyway those systems I mentioned above are my victims and I am penetrating them.
bobbyb1980 Posted January 8, 2012

Yeah, I see that, sorry. So you're running executables on a victim in hopes of getting a shell? Are you trying this from over the internet or on the LAN? How are you delivering the payload (java, .pdf, .exe, web apps)...? What other variables are involved? Is the victim a virtual machine? If you're executing from over the internet, what's your connection type (in my experience meterpreter doesn't like 3G)? If you want help you'll have to be much more specific.
Blak3 (Author) Posted January 8, 2012

Na, I'm running it from a virtual machine. My host is Win 7 with VirtualBox attached with these 3 systems. The payload should be delivered using the exploit, as far as I know.
Infiltrator Posted January 9, 2012

1) Can I suggest you download the latest version of BackTrack, if you haven't done so.
2) This error, "Exploit completed, but no session was created.", usually means the target you are trying to exploit is not exploitable, or not vulnerable to the exploit you are using.
3) Make sure your target machine does not have any patches installed; to determine this, go to Control Panel, "Add or Remove programs" and uninstall any MS KB update you see.
4) Don't always revert to the same exploit, try different exploits until you find one that works well.
5) Make sure there is no firewall or any security essentials installed.
6) If you are still having issues exploiting your target, download this vulnerable VM.

http://metasploit.com/help/test-lab.jsp
http://www.offensive-security.com/metasploit-unleashed/Metasploitable

Edited January 9, 2012 by Infiltrator
Blak3 (Author) Posted January 10, 2012

So here I come with the fix, damn. I used the VirtualBox host-only adapter and I thought the traffic would be only between host and guests (but no, the traffic goes through the router anyway), so I had to port forward on my router the port I am exploiting for the specified IP :D
Infiltrator Posted January 10, 2012

Good work, it's good to learn how to do things yourself. It's a very rewarding experience.

Edited January 10, 2012 by Infiltrator
Faheem Posted February 15, 2012

Hi there, Blak3, I need your help. I am facing a problem similar to yours...

I am using BackTrack 5 on VMware, using Bridged as the network configuration.
BackTrack IP is 192.168.10.181
My host OS is Windows XP SP3, IP 192.168.10.3
Both machines can ping each other. Win XP is physically installed on my system and I am using BackTrack as the guest OS in VMware.

When I exploit the Windows remote code execution vulnerability, i.e. ms07_067_netapi, I face the following problem:

Automatically detecting the target...
Fingerprint: Windows XP - Service Pack 3
Selected Target: Windows XP SP3
Attempting to trigger the vulnerability...
Exploit completed, but no session was created.

I think my problem is the same as yours. Can you please tell me how to figure this out, as you have done this before? Thanks in advance.
Atomix.Gray Posted March 27, 2012

I am also seeing the same issues - using VMware.
nopenopenope Posted March 27, 2012

All I can say is make sure your VM is set up as bridged (I keep the 'Replicate physical network connection state' option checked), and use Windows XP Service Pack 2. Make sure you select a payload; the exploit may complete, but if there's no payload to upload once it completes you won't be able to get a session.

First try pinging your Windows XP machine. If you can't, you have some other network issue; it could be your VM settings or your normal network settings. Once you're able to "see" the victim machine, try using Metasploit again.

If you still have issues with Metasploit after you can "see" your victim machine, post your complete inputs and outputs from start to end of what you're doing in Metasploit, and I'll see if I can help.