Metasploit help please | Defend the Web

Gninja
11 years ago

0

Hi guys,

Ive been learning how to use this exploit >> exploit/windows/smb/ms08_67_netapi and I connect fine and can do screenshots…ect of the target machine however when I run a keyscan_start and then a keyscan_dump its not capturing the key strokes??? any ideas why not? any help will be much appreciated.

(Im running Kali-Linux and Win XP Pro SP3 target machine on VMware)

![Image](/files/media/images/articles/0/0/up_bac59c3405ec8a1a28d6347c0b6ed62c.jpg)

[deleted user]
11 years ago

0

Hi bro, i’ve got the same problem ;)
i can use almost any command but the keyscan is simply not working, i guess its outdated ;) !
i think we need to wait for an update of some kind!

Gninja
11 years ago

0

I spoke to a developer I know and it does work on some unpatched machines but like you said we have to wait until they find a way to exploit new patches then update metasploit :(

![Image](/files/media/images/articles/0/0/up_bac59c3405ec8a1a28d6347c0b6ed62c.jpg)

tOxicWast3
11 years ago

0

If you know anything about the code it was written in you could always ask to join the open source project and take a look for yourself. You may be able to run a debug and find out which part of the code is not firing when it should.

tOxicWast3
11 years ago

0

It may also have issues with VMware as well.

Gninja
11 years ago

0

Nice @tOxicWast3 I tried it in a live environment instead of VMware and it worked ^__^

I sent an email off and it seems to only be a problem when using VMware workstation.

![Image](/files/media/images/articles/0/0/up_bac59c3405ec8a1a28d6347c0b6ed62c.jpg)

R4z0r
11 years ago

0

I test this all the time in VM Labs and it only works occasionally. A good alternative rather than getting it to display in Meterpreter is to redirect the output to a file.

Gninja
11 years ago

0

I just gave it a try and it worked hmmmmm you learn something every day :D

![Image](/files/media/images/articles/0/0/up_bac59c3405ec8a1a28d6347c0b6ed62c.jpg)

R4z0r
11 years ago

0

No problem, If you need any help with Metasploit I have all the documentation.

Gninja
11 years ago

0

Sounds good PM me

![Image](/files/media/images/articles/0/0/up_bac59c3405ec8a1a28d6347c0b6ed62c.jpg)

oxide
11 years ago

0

how is metasploit really i have never used it for remote pentests i usually use it from inside do you guys actually find that it works also if you read up on autopwn thats cool 2

i bake therefore im fried!!

tOxicWast3
11 years ago

0

Gninja,
Along with the documentation (it may even be the same) that R4zor is wiiling to offer, the website also has a free tutorial that will walk you through the syntax and how to use both msf and msfpro as well. If they are not the same it may be a good idea to pick up both.

oxide
11 years ago

0

good help toxic that is true they have a full tut on how to do this

http://www.offensive-security.com/metasploit-unleashed/Main_Page

i bake therefore im fried!!

Gninja
11 years ago

0

@oxide Yes that’s one of the best resources for Metasploit, it works great in all situations the only draw back is if you don’t have experience writing your own payloads then you have to wait for the db updates.

![Image](/files/media/images/articles/0/0/up_bac59c3405ec8a1a28d6347c0b6ed62c.jpg)

Gninja
11 years ago

0

R4z0r’s documentation was scanned hard copies from the course

![Image](/files/media/images/articles/0/0/up_bac59c3405ec8a1a28d6347c0b6ed62c.jpg)

tOxicWast3
11 years ago

0

Hey R4z0r,

You mind if I get a look at those doc’s you have from metaspoit? Also. I was wondering about the meterpreter you mentioned earlier. What exactly does that do? I know I could just “google it”, but I prefer the information I can get from another user on this site that I can see they know what they are talking about. Oh, and they are not just here to have one of us hack whatever it is they what for them. Sorry for the rant, I have seen more than a few lately.