Metasploit mailing list archives
Problem between 2.5 and 3 Alpha 2 - dcom_ms03_026
From: masterl_dae at gmx.de (Christian Liesegang)
Date: Tue, 17 Jan 2006 20:19:05 +0100
Well, to be sure I installed the 2.5 Framework on my Linux Box, too. It works as intended, but to be sure I deactivated the firewall. You we're right it was activated, but because 2.5 exploits work even with an activated firewall it would be very strange if it might not work with 3.0. So I deactivated the firewall, but still the 3.0 exploit fails with the same fault: Exploit failed: DCERPC FAULT => 0x000006f7 ken zo schrieb:
I don't know if this will help, but did you check to make sure that the Firewall was disabled? I believe Suse10 automatically starts the firewall by default and doesn't open any ports.From: Christian Liesegang <masterl_dae at gmx.de> To: framework at metasploit.com Subject: [framework] Problem between 2.5 and 3 Alpha 2 - dcom_ms03_026 Date: Mon, 16 Jan 2006 20:50:15 +0100 MIME-Version: 1.0 Received: from sugar.14x.net ([66.234.161.200]) by bay0-mc5-f9.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.211); Mon, 16 Jan 2006 11:52:28 -0800 Received: (qmail 13063 invoked by uid 1006); 16 Jan 2006 13:49:49 -0600 Received: (qmail 227 invoked from network); 16 Jan 2006 13:49:48 -0600 X-Message-Info: 6sSXyD95QpX04MKU6OaDr48jtjOIxnxsvF218/AfFAU= Mailing-List: contact framework-help at metasploit.com; run by ezmlm Precedence: bulk X-No-Archive: yes List-Post: <mailto:framework at metasploit.com> List-Help: <mailto:framework-help at metasploit.com> List-Unsubscribe: <mailto:framework-unsubscribe at metasploit.com> List-Subscribe: <mailto:framework-subscribe at metasploit.com> Delivered-To: mailing list framework at metasploit.com X-Authenticated: #1867461 User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923) X-Accept-Language: de-DE, de, en-us, en X-Y-GMX-Trusted: 0 Return-Path: framework-return-818-kenzo_chin=hotmail.com at metasploit.com X-OriginalArrivalTime: 16 Jan 2006 19:52:28.0854 (UTC) FILETIME=[618C3560:01C61AD6] Hello , during the last weeks I experimented with the 2.5 framework using the windows version and exploited successfully a window 2000 in a virtual machine. Now I set up a Suse 10 in a Virual Maschine, too. I tried to play around with the Framework 3.0 and tried the same exploit (dcom_ms03_026) on the same w2k box from the SuSE 10, but this time I got: [*] Started reverse handler [*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal... [*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0 at ncacn_ip_tcp:192.168.152.3[135] ... [*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0 at ncacn_ip_tcp:192.168.152.3[135] ... [*] sending exploit ... [-] Exploit failed: DCERPC FAULT => 0x000006f7 My SuSE Box comes with Ruby 1.8.2 so I think it should work. While the 3.0 fails, I could exploit with the 2.5 again and again. I would be very thankful if someone could give my a hint. Regards_________________________________________________________________ Express yourself instantly with MSN Messenger! Download today - it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
Current thread:
- Problem between 2.5 and 3 Alpha 2 - dcom_ms03_026 Christian Liesegang (Jan 16)
- Problem between 2.5 and 3 Alpha 2 - dcom_ms03_026 H D Moore (Jan 16)
- Problem between 2.5 and 3 Alpha 2 - dcom_ms03_026 ken zo (Jan 16)
- Problem between 2.5 and 3 Alpha 2 - dcom_ms03_026 Christian Liesegang (Jan 17)