Connection timeout both via metasploit and manual exploits (Legacy)

Having very frustrating problems with several boxes in relation to this issue, but right now I am working with the retired box Legacy.

I am able to ping the box, and am able to run nmap against it. I have connectivity.

I run into issues when trying to exploit the box. Legacy is vulnerable to both ms17_010 and ms_08_067_netapi. After not having any luck using metasploit and getting a session, I looked up several writeups for this box and followed them to the letter; I still can’t get a session. I followed this writeup Hack The Box | “Legacy” Writeup – Esseum Tech. Upon exploitation I get:

msf5 exploit(windows/smb/ms08_067_netapi) > exploit

[] Started reverse TCP handler on
[-] - Exploit failed [unreachable]: Rex::ConnectionTimeout The connection timed out (
] Exploit completed, but no session was created.

or with MS17

msf5 exploit(windows/smb/ms17_010_psexec) > exploit

[] Started reverse TCP handler on
[-] - Rex::ConnectionTimeout: The connection timed out (
] Exploit completed, but no session was created.

I also tried a manual exploit for ms17_010 per this page: Hack The Box — Legacy: Penetration Testing without Metasploit | by SimonSays | Medium using the exploit and its dependencies from Github. I have impacket installed and ran it in python 3 and ended up with an error in one of the impacket files referencing a socket timeout which smells of the same issue I am having in metasploit.

running ‘ufw status’ returns that ufw is inactive.

I have tried generating a new connection pack and downloading and using that.

metasploit v5.0.87-dev

Kali 2020.2

Can anyone advise on what is going on here? It’s bizarre to me that I can reach the box ( via ping and nmap but exploitation is having connectivity issues.

Updated metasploit to v5.0.97-dev by running ‘apt update; apt install metasploit-framework’. Then encountered errors concerning ‘io-console’ not being found and was told to run ‘bundle install’. Ran into further issues here solved by switching to /usr/share/metasploit-framework and running ‘gem install io-console’ and then ‘bundle install’.

MS17 and MS08_067 now work. Had to switch payloads to /windows/shell/reverse_tcp in order to get a session. Will now go and try to get in via the manual exploit and will report back.

running into same…any luck?

Yes I just revisited legacy and was able to do a manual exploit using both MS08_067 and MS17_010. See this guide: HTB: Legacy | 0xdf hacks stuff

for the exact details.