Finding Shell. DEBUGLEVEL 5.

[hdm at metasploit.com (H D Moore)]

Could you try using the win32_bind_vncinject or win32_reverse_vncinject 
payloads? It looks suspiciously like the exploited FTP service does not 
have the require privileges to execute cmd.exe. The vnc injection payload 
should be able to work around this (and function just fine anyways, via 
RevertToSelf and other tricks).

-HD

On Tuesday 05 October 2004 09:17, [Arcangel] wrote:
> I tried with debuglevel 5 and only show me the this aditional
> information --> "KILLING CHILD:2960"
>
> [*] Starting Bind Handler.
> [*] REMOTE> 220 ftp Server Ready...
> [*] REMOTE> 331 User name okay, need password.
> [*] REMOTE> 230 User logged in, proceed.
> [*] REMOTE> 227 Entering Passive Mode (127.0.0.1, 4,106)
> [*] Trying to explot target ServU 5.0.0.0 ServUDaemon.exe
> [*] Got Connection from 127.0.0.1:114