arikbku

Exploit port 139 Metasploit


You don't exploit a port, you exploit the service running on that port.

Also, ports are arbitrary because you can bind any service to run on any port.


That being said by Mr Protocol, what he says is true. However, port 139 is usually used to identify Windows systems, so if you're looking to exploit "port 139" as you put it, the first thing you will want to do is identify a system with port 139 open, and thoroughly determine if it's a true open port, the OS, or if it's a honeyport/honeypot. With port 139 open, most likely, you should see ports 135-139 open, and be able to fingerprint it as Windows of some sort. Higher-up ports also open on the same box may help narrow down which Windows OS it is, but you can bind a service to port 139 in Linux or any OS, or even port forward from a router and servers for different reasons, such as honeypots. You hit the port, they record your ack, and then add you to a hostile IP list, and block you from the rest of the box, so you need to be stealthy in your work.

Well-known ports are ports 1-1024, and usually defined by IANA, but that doesn't mean you can't assign any service to any port (depending on the OS and if something is already running on that port).

Check this list for more help:

http://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xml

Might shed some light on what you're after, give you insight into probing ports and fingerprinting known services and operating systems.


Thanks a lot. I was just wondering if there was any exploit to get into a Windows 7 PC remotely, like ms08_067_netapi but on Windows 7; that's why I thought that NetBIOS was an option. But is there any way to exploit Win 7 remotely (still in LAN)?


ms08_067 is an XP/Server 2003 attack; it doesn't work on Vista and Win7, although I think Mubix has a similar hack that works on Win7 much like the old ms08_067 attack. Hit up his blog on http://www.room362.com/ or one of his other blog sites. He'd probably know similar RPC attacks and Server service attacks for Win7.


Thanks a lot, but I couldn't find any remote exploit. Which did you find?

Remote exploits are only going to work if they are not behind NAT (and you aren't as well, or port forward to your listening port for Metasploit), so first, you have to get past NAT to get onto the internal LAN of your target, as the WAN side will usually be firewalled or behind a router, then work your way through machines on the target network from there ;)


OK, thank you very much.

You're welcome. Most people forget about NAT, but if you see port 139 exposed from the internet side, most likely, the box is directly connected to the modem, or in a DMZ. Be stealthy, use various nmap scans, and be sure it's not a honeypot/honeyport. You wouldn't normally see port 139 from the internet over WAN, and normally only see it on the LAN side, if you're already on the same LAN/Subnet/Segment.
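
From the defender's side, the two points raised in the replies above (port 139 should not be reachable from the WAN, and a honeyport records whoever touches it) can be checked against firewall logs. The following is an added example, not part of the original thread; the log format, the LAN range `192.168.1.0/24` and the decoy host `192.168.1.250` are assumptions, and the log lines are constructed.

```python
import ipaddress

NETBIOS_PORTS = range(135, 140)                   # ports 135-139, as named in the thread
LAN = ipaddress.ip_network("192.168.1.0/24")      # assumed internal subnet
HONEYPORT_HOSTS = {"192.168.1.250"}               # hypothetical decoy listening on 139

# Constructed sample log, one connection per line: time src dst dport action
SAMPLE_LOG = """\
2024-01-01T10:00:01 192.168.1.23 192.168.1.10 139 ACCEPT
2024-01-01T10:00:02 203.0.113.7 192.168.1.10 139 ACCEPT
2024-01-01T10:00:03 192.168.1.44 192.168.1.250 139 ACCEPT
2024-01-01T10:00:04 198.51.100.9 192.168.1.10 443 ACCEPT
2024-01-01T10:00:05 203.0.113.7 192.168.1.10 135 DROP
malformed line
"""


def review(log_text, lan=LAN, honeyport_hosts=HONEYPORT_HOSTS):
    """Return (exposed, blocklist).

    exposed   : (host, port) pairs where a non-LAN source was ACCEPTed on 135-139,
                i.e. the service is reachable from outside NAT/firewall.
    blocklist : sources that touched a honeyport, or probed 135-139 from outside.
    """
    exposed, blocklist = set(), set()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue                              # skip malformed records
        _, src, dst, dport, action = fields
        try:
            port, src_ip = int(dport), ipaddress.ip_address(src)
        except ValueError:
            continue
        if port not in NETBIOS_PORTS:
            continue
        if dst in honeyport_hosts:
            blocklist.add(src)                    # nothing legitimate talks to the decoy
        if src_ip not in lan:
            blocklist.add(src)                    # WAN-side probe of NetBIOS/RPC ports
            if action == "ACCEPT":
                exposed.add((dst, port))          # firewall let it through: fix this
    return exposed, blocklist


if __name__ == "__main__":
    exposed, blocklist = review(SAMPLE_LOG)
    print("reachable from WAN:", sorted(exposed))
    print("sources to block:  ", sorted(blocklist))
```
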
