Re: Pen Test help

From: H D Moore (sflist@digitaloffense.net)
Date: Sat Jul 16 2005 - 15:38:51 EDT

• Next message: luca.carettoni@ikkisoft.com: "Re: Bluetooth"
• Previous message: securityone@free.fr: "Re: Bluetooth"
• In reply to: Juda Barnes: "RE: Pen Test help"
• Next in thread: Juda Barnes: "RE: Pen Test help"
• Reply: Juda Barnes: "RE: Pen Test help"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Could it be that the firewall is preventing you from accessing the
win32_bind port and blocking the outbound connection from win32_reverse?
You may want to try exploiting this from an external system and using
win32_reverse with a different LPORT value (53, 25, 80, etc). If the
"check" command in the WebDAV exploit thinks the system is vulnerable,
there is a pretty good chance that it is.

-HD

On Saturday 16 July 2005 10:14, Juda Barnes wrote:
> I allready used that I am unable to get win32_reverse or win32_bind
>
> With the two exploits nsiislog_post and webdav_ntdll
>
> Any other ideas ?
>
> -----Original Message-----
> From: er t [mailto:er587@hotmail.com]
> Sent: Friday, July 15, 2005 5:48 PM
> To: securityfocus@mymail.pent900.com; pen-test@securityfocus.com
> Subject: RE: Pen Test help
>
> Try Metasploit
>
> NSIISLOG.DLL -
> http://www.metasploit.com/projects/Framework/exploits.html#iis_nsiislog
>_post WebDav Remote exploit MS03-007 -
> http://www.metasploit.com/projects/Framework/exploits.html#iis50_webdav
>_ntdl l

• Next message: luca.carettoni@ikkisoft.com: "Re: Bluetooth"
• Previous message: securityone@free.fr: "Re: Bluetooth"
• In reply to: Juda Barnes: "RE: Pen Test help"
• Next in thread: Juda Barnes: "RE: Pen Test help"
• Reply: Juda Barnes: "RE: Pen Test help"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:35 EDT