Pantz
Posted January 3, 2015

Hello everyone! Super new here and have started going through some Metasploit tutorials. Of course I have managed to run into an issue that I have not seen any tutorial run into.

After I set my RHOST and RPORT and exploit it, it sits at

[*] Started reverse double handler

and then goes back to the regular msf command line. I have attempted this attack from my laptop to the VM running on my desktop of Metasploitable, as well as from the VM Kali Linux running on my desktop; both results were the exact same. Does anyone have any idea where I should start? I have attached a file of what I am stuck looking at.

sud0nick
Posted January 3, 2015

I don't know how your network is set up, but is your remote host (192.168.2.1) also your router? Did you intend on attacking that remote host?

Also, typically when you exploit a vulnerability the console will tell you if it was successful and other times it won't tell you anything if it was not successful. My guess is that the exploit is failing because the remote system is not vulnerable. That is why you aren't seeing any response and can't execute any statements. Do some research on the exploit and make sure the remote system is actually vulnerable.

Pantz (Author)
Posted January 3, 2015

It should be. I was following along a tutorial. When I nmap my router it shows the open and vulnerable ports of the Metasploitable that's set up on my Desktop through Virtual Machine Box. Whether I exploit it from my laptop or from my Kali Linux Virtual box on my desktop, it will go back to the msf command line regardless. When I am following the tutorial, nmap is showing me the same that they are seeing, and everything works just the same until I actually apply the exploit.

cooper
Posted January 3, 2015

And you know for a fact that the service running on your Desktop is exploitable? A port is just an access point. If the service listening behind it has been patched already you won't be getting nowhere, nmap results notwithstanding.

For example, a customer of ours runs RHEL that ships with Apache 2.2, but to interact with our software we demand that to be 2.4. Security, latest version of everything, blah blah blah, all a bunch of BS because RedHat is backporting all the security-related fixes onto their 2.2 install. No idea how that is incorporated in the version number, so it might not be entirely obvious this is what's happening.

Maybe you should detail the service you're trying to hack?

sud0nick
Posted January 3, 2015

The description of the exploit in the screenshot states it is for "Samba versions 3.0.20 through 3.0.25rc3 when using the non-default 'username map script' configuration option". I think Pantz is attacking a version that is not vulnerable.

cooper
Posted January 3, 2015

Ah. On the Desktop machine, the one you're trying to hack, run smbstatus (as root) and if Samba is running it should tell you what version it is.
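
A way to check both conditions from the module description quoted above (version within 3.0.20 through 3.0.25rc3, and a 'username map script' set in smb.conf), as an added example that is not part of any poster's reply. The sample version strings, the sample smb.conf with its script path, and the pre < rc < release ordering are constructed assumptions.

```python
import re

# Affected range as quoted in the thread: 3.0.20 through 3.0.25rc3.
STAGE = {"pre": 0, "rc": 1, None: 2}   # assumed ordering: pre < rc < release
LOW, HIGH = (3, 0, 20, 2, 0), (3, 0, 25, 1, 3)

def version_key(text):
    """Turn '3.0.25rc3' or '3.0.20-Debian' into a sortable tuple."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)(?:(pre|rc)(\d+))?", text)
    if not m:
        raise ValueError(f"no Samba version found in {text!r}")
    major, minor, patch, stage, n = m.groups()
    return (int(major), int(minor), int(patch), STAGE[stage], int(n or 0))

def in_affected_range(text):
    return LOW <= version_key(text) <= HIGH

def username_map_script(conf_text):
    """Return the [global] 'username map script' value or None ('include' is not followed)."""
    section, value = None, None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":        # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif "=" in line and section == "global":
            name, _, val = line.partition("=")
            # smb.conf ignores case and whitespace in parameter names
            if re.sub(r"\s+", "", name).lower() == "usernamemapscript":
                value = val.strip() or None
    return value

def exposed(version_text, conf_text):
    """True only when BOTH conditions from the module description hold."""
    return in_affected_range(version_text) and username_map_script(conf_text) is not None

# Constructed sample input (hypothetical script path, not from the thread).
SAMPLE_CONF = """\
[global]
   workgroup = WORKGROUP
;  username map script = /bin/true
   Username Map Script = /etc/samba/mapusers.sh
[homes]
"""

if __name__ == "__main__":
    print(exposed("3.0.20-Debian", SAMPLE_CONF), exposed("3.0.25", SAMPLE_CONF))
```

A version inside the range with the option unset returns False from `exposed`, which matches the behaviour described in the thread: the module runs, nothing comes back, and the console returns to the prompt.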

i8igmac
Posted January 3, 2015

I'll make a suggestion:

Install a damn vuln operating system in another VM.
Perform an nmap scan to discover services running.
Launch some exploits against the services.
The exploits are software version specific...

You will learn the basics.

sud0nick
Posted January 3, 2015

> I'll make a suggestion:
>
> Install a damn vuln operating system in another VM.
> Perform an nmap scan to discover services running.
> Launch some exploits against the services.
> The exploits are software version specific...
>
> You will learn the basics.

He said he is running Metasploitable, which is a vulnerable version of Ubuntu used to learn the basics. I'm still not sure if he is attacking the right system though. I don't know how his network is set up, but I don't think Metasploitable would sit at 192.168.2.1.

i8igmac
Posted January 3, 2015

I'm sorry. Sometimes I do that... my eyes quick scan the forum...

What kind of machines are involved? windows-msf? vs exploitable

On your Windows machine type ipconfig, on your exploitable type ifconfig. You should find IP addresses that look like

192.168.1.100
10.0.0.100

Depending on your VM setup, there are a few ways of setting up the network... You must first see if they can communicate with each other.

Your exploitable is running an Apache web server, I'm sure. See if your machine can connect to it through the web browser:

http:// ip of exploitable 10.0.0.100 /