Metasploit mailing list archives
Queries on CABRIGHTSTOR exploit
From: mmiller at hick.org (mmiller at hick.org)
Date: Thu, 27 Oct 2005 09:07:15 -0500
On Thu, Oct 27, 2005 at 12:29:42PM +0530, 3 shool wrote:
> > On Wed, Oct 26, 2005 at 06:06:05PM +0530, 3 shool wrote:
> > > LHOST: my local machine IP 192.168.1.3
> > > RHOST: vulnerable server's IP
> > > TARGET: 0
> > > PAYLOAD: win32, win32_reverse_ord, win32_reverse_ord_vncinject
> > > CMD: dir
> >
> > Just a guess, but is the vulnerable machine somewhere else on the internet or is it on the local LAN? In other words, can the vulnerable machine communicate with 192.168.1.3? I'd guess that's what your problem is. You might be better off using the bind payloads if you're unsure, although you will be subject to any inbound filtering the target machine has. It's also possible that the address being used by the exploit may not be working correctly on the target machine. You'd need to do some analysis to determine this.
>
> The vulnerable machine is on the internet. But I also tried the CMD execution payload, which I feel should work in this case. And there isn't a bind payload for this module. Any idea how I can create one? I would appreciate some more pointers from experts.

Well, the command that you were sending is 'dir'. I'm assuming that you were expecting to see some sort of output. The problem is that the command execution payload does not pipe output over a socket (because it doesn't establish any sort of connection). Therefore, it's possible that the command is indeed executing but you just aren't seeing it (furthermore, dir is an intrinsic command to the command shell). Indeed, it does look like there is limited space for the payload (which is why you aren't seeing the bind payloads). Your best bet is to probably do a port forward on the NAT device that you're using to communicate with the internet such that you can make use of the reverse payloads. Alternatively, you could execute a more meaningful command.