[framework] can there be a succeeded exploit?
H D Moore
hdm at metasploit.com
Wed Feb 6 21:26:42 CST 2008
Try using the windows/shell/bind_tcp payload first. More than likely, the
exploit succeeded, the user was added, but the adduser payload did not
clean up after adding the new user account. To verify, run the "net user"
command from the shell and see whether the new account exists. If the new
account does not exist and the bind shell payload doesnt result in an
interactive session, that it likely means that your system needs a
different target to work.
Any chance you are running a non-English locale on your target system?
-HD
On Wednesday 06 February 2008, Prince Brave wrote:
> I am a new member.I am running
> Microsoft windows 2000 5.00.2195(advance server 2000)
> on vmware .I never patched the system ,I began my learning from using
> the lsass MS04-011 exploit, and use the add user payload,but my server
> just prompt and reboot then,I feel upset,because it seems that I didn't
> make a succeed exploit.So can anyone offer me a usable exploit and let
> me join the exploit world happy?
More information about the framework
mailing list