waaaao eres bueno muy buen video

who is still using xp? :-p come on,

@Bl4ckS4b3r as of Feb 1, XP still has 47% of the market share.

cnet.com/8301-10805_3-57369463­-75/windows-xp-still-hanging-o­n-as-dominant-os

WHY? [-] Handler failed to bind to 192.168.0.101:4444

[*] Started reverse handler on 0.0.0.0:4444

[-] Exploit exception: The host (192.168.0.100:445) was unreachable.

[*] Exploit completed, but no session was created.

BUENO ME PODRIAS EXPLICAR QUE SIGNIFICA ESE -set RHOST 192.168.0.100

-set LHOST 192.168.0.101 Y SI SON LA IP DE LA VICTIMA Y LA IP DE MI PC COMO LAS SACO PORFABOR EXISTE UNA QUE ES EN CMD : IPCONFIG PERO HAY OTRA IP QUE ES LA DE INTERNET QUE ES 200.244.33.22 O ALGO ASI PODRIAS AYUDARME XFABOR O MANDARME UN MENSAJE YA ME SUSCRIBI

@Giancarloz96 Con windows es ipconfig y con Linux ifconfig. El resultado en windows se mostrara de la forma:

C:\Users\User>ipconfig

Windows IP Configuration

Wireless LAN adapter Wireless Network Connection: Connection-specific DNS Suffix . : ...... Link-local IPv6 Address . . . . . : xxx IPv4 Address. . . . . . . . . . . : 192.168.x.x ==> esta es la que ocupas....** Subnet Mask . . . . . . . . . . . : xxxx Default Gateway . . . . . . . . . : 192.168.x.1

@Giancarloz96 En cuanto a la otra pregunta... RHOST va a ser la ip de la victima y LHOST seria la ip del Atacante.

Si preguntas en Ingles es mas probable que te respondan mas rapido :)

Doumbledoor!!!

i hv one question we can do easily on our comp that it we are already in one network that is vmware and pc/laptop but if we try on friends pc lets assume that by default we can not directly do this that you done in video so we have to first scene its network and see if there is any port is open or not ......how to do that i don't know please explain that

@WierdNetwok so you're looking to port scan a machine that's not on your local network? I'd strongly suggest nmap. It's one of the best tools to have in your arsenal.

@backtracksecurityusr just so you know nmap is for local networks. you can learn more at our forum, s4b3rstealth.forumotion.pro

@Bl4ckS4b3r yes it is, but thanks for the tip!

a question , what is the comand for running screenshots ? i tested run screenshot -p /var/ww and it's not working ^^'

@adzoki Hi... I guess that it's too late.. But you should have the apache service started :)

good tutorial =)

And if you want to do this with another pc with another global pc ? how should we do it ?

i tested rhost global ip victim , lhost my global ip and this didn't work =/

I allways get this error exploit completed but no session created... What do i have to do

please help

@thahaXer Normally for me that error means that 1.) The OS is patched or at a different version, or 2.) the box has crashed. I've tanked my XP box a few times poking and prodding it with the metasploit framework. So is the box at the current patch level and is still receiving connections?

I think for my next vid i'll demonstrate how to check a box for vulnerabilities against all exploits and open up a session for you. Let me know if you have any questions or concerns.

@thahaXer--new vid up showing how to check a box against all known vulnerabilities. check it out, and see if it helps answer (or create anymore) questions. ;)

@backtracksecurityusr Hey. I have seen that new video about autopwn. thats the one that you ment right?.

And can i autopwn on every version of windows xp ex, SP3 and SP2...

And what am i able to do when i have started a session on the victims pc??

Thanks for all the good help

@thahaXer Yep. What can you do when you get a session? I think i can hook you up with some answers. This weekend i'll post a meterpreter 101 vid. count on it. Hopefully, it'll she'd some light on the subject. Let me know what you think.

@hakermal thanks, buddy.

@djruinerdotcom so far i could only get this off on XPSP3. What OS you working with?

what kind of machine are you starting it on, any windows machine? cant get this to work

@djruinerdotcom The machine being tested on is an out-of-the-box install of XPSP3. ms08_067 was discovered a few years back, so an up-to-date machine might not be vulnerable. I'm working on a vid to show how to get at a fully-patched system.

@backtracksecurityusr that'd be cool, yea I figured out the machine was totally closed off behind a firewall ... No open ports below 1024 running windows 7 ... lol ... this was a cool video though

@backtracksecurityusr it said the connection was refused by the remote host. ( ip address) exploit completed but no session was created any help?

@nate18871 Well what kind of machine are you trying to get it to work on? As he stayed in an earlier comment, this is for (XPSP3) Windows XP Service Pack 3. Do a google search on ms08_067.

@wizardaim said*