Jump to content

Ms03_026_dcom Exploit Not Completed


Skorpinok Rover

Recommended Posts

Hello,

Im using backtrack 5R2 inside virtual machine along with target machine Windows XP SP2, The add user exploit ms03_026_dcom fails to complete on my target machine , the firewall is off, iam i wrong somewhere ? are there any settings to be done on target machine ? please suggest me, great thanks in advance.

Payload options (windows/adduser):

Name Current Setting Required Description

---- --------------- -------- -----------

EXITFUNC thread yes Exit technique: seh, thread, process, none

PASS metasploit yes The password for this user

USER metasploit yes The username to create

Exploit target:

Id Name

-- ----

0 Windows NT SP3-6a/2000/XP/2003 Universal

msf exploit(ms03_026_dcom) > exploit

[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...

[*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.56.101[135] ...

[*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:192.168.56.101[135] ...

[*] Sending exploit ...

msf exploit(ms03_026_dcom) >

Regards.

Link to comment
Share on other sites

Its possible that exploit was fixed in SP2 or some other update the machine was already patched with, or the services that are required to make it work, are not running on the machine. ms_03 means its from 2003. SP2 came out in 2004 I believe, so chances are, its already patched on that box.

Try ms08_068 though. That should work on pre SP3 boxes(and some SP3 boxes). Services to make sure to have up first, Server Service, Computer Browser, Workstation and Windows Firewall/Internet Connection Sharing.

Link to comment
Share on other sites

Its possible that exploit was fixed in SP2 or some other update the machine was already patched with, or the services that are required to make it work, are not running on the machine. ms_03 means its from 2003. SP2 came out in 2004 I believe, so chances are, its already patched on that box.

Try ms08_068 though. That should work on pre SP3 boxes(and some SP3 boxes). Services to make sure to have up first, Server Service, Computer Browser, Workstation and Windows Firewall/Internet Connection Sharing.

I think digip meant ms08-067 instead of 068.

Link to comment
Share on other sites

Thank you Digip for this timely advice.. , thanks a lot,..

Its possible that exploit was fixed in SP2 or some other update the machine was already patched with, or the services that are required to make it work, are not running on the machine. ms_03 means its from 2003. SP2 came out in 2004 I believe, so chances are, its already patched on that box.

Try ms08_068 though. That should work on pre SP3 boxes(and some SP3 boxes). Services to make sure to have up first, Server Service, Computer Browser, Workstation and Windows Firewall/Internet Connection Sharing.

Link to comment
Share on other sites

I think digip meant ms08-067 instead of 068.

Yup. Typo. 067 is the one.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...