mailing list archives
Re: Great tool, but facing error initially
From: HD Moore <hdm () metasploit com>
Date: Mon, 12 Apr 2010 09:48:27 -0500
On 4/12/2010 2:16 AM, vishesh kumar wrote:
Thanks all of you who developed such a nice tool for penetration
testing. I am new for metasploit. I tried to hack a windows xp system
(with sp3) using exploit ms08_067_netapi with payload
vncinject/reverse_tcp. But i always return with message Exploit
completed but no session was created. Before using exploit, i ensured
that victim windows xp system have vulnerability ms08_067 (using tool
Microsoft Security Baseline analyzer).
There are lots of reasons this can happen, the common issues:
* The payload can't connect back to you due to local firewall rules
* The payload stage is blocked by AV or HIPS software
* The exploit target was manually set to the wrong one
* The target system has some non-standard configuration
Check your local firewall, try switching to bind_tcp payloads, and try
using a different payload entirely (shell, meterpreter, etc). Keep in
mind you may need to reboot the target between attempts.
If the target does *not* crash after a few attempts (PIPE_UNAVAILABLE
errors), then the target is not actually vulnerable.