[framework] Exploit failed: create failed (with solaris/sunrpc/solaris_sadmind_exec)
Daniel Clemens
daniel.clemens at packetninjas.net
Wed Apr 2 14:50:24 CDT 2008
On Apr 2, 2008, at 1:27 PM, arthur zhang wrote:
> Thanks, it does help. Now I got:
> msf exploit(solaris_sadmind_exec) > exploit
> [*] Started bind handler
> [*] attempting to determine hostname
> [*] found hostname: nstest1
> [-] exploit failed
>
> Should I try another payload? 'show payloads' for this exploit
> doesn't give the solaris/x86/x payloads, should I try them anyway.
> As my understanding, the generic/x and cmd/x are script payloads
> while the solaris/x86/x are binary payloads, am I right? Thanks.
Check to make sure that the box is vulnerable by checking which
patches are installed (showrev -p).
SPARC Platform - Patch 116456-01
x86 Platform - Patch 116457-02
- Perform tcpdump (or snoop in this case) on the target box. See how
much traffic is being sent.
- check the log files on the box during the failure of the exploit to
see if any clues are available from the operating system.
Other Info:
http://www.securityfocus.com/bid/8615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=2003-0722
http://www.osvdb.org/4585
http://lists.insecure.org/lists/vulnwatch/2003/Jul-Sep/0115.html
-Daniel Clemens
More information about the Framework
mailing list