When running nmap -p 445 -A 10.10.10.3 I'm getting that the SMB version is 3.0.28a instead of the 3.0.20 which is the one in the walkthroughs. Does this make any difference for the exploit?
I noticed the same thing. The documented exploit only works for version 3.0.20 < 3.0.25rc3 and the current version is 3.0.28a.
I’m still digging, but haven’t found a fix yet. I might try the fix fluffikinz recommends, but it would be nice to know if there was some kind of change in the box/challenge. It seems inconsistent to make such a drastic change after the box is retired and so many have already owned it, to require a completely different tactic.
In case someone else encounters a problem here … Basically, I’d say that Metasploit, if LHOST is not specified, will use the default network card’s IP. The thing is, because we’re connected to the lab through a VPN, this makes Metasploit listen on the “wrong” interface in this context.
To fix this, you’ll have to change LHOST to the IP address you have on the HTB network (tun0).
Update msf-framework. You will need to go into its /usr/share/metasploit-frame and run “bundle install”. From there, your msf will have all updates and upgrades. There is a problem upgrading it from the command line.
For LHOST, please try to figure out your IP address and set LHOST to that. Try to choose the right one by Googling. You should be fine.
~~Not sure what I did differently, but I just skipped this one for about a week and came back to it. Magically msf worked this time.~~
However, I did type in the wrong IP the first time running it. I’m going to chalk it up to either user error or something wonky with the servers that got fixed. Numbers R hard; make sure the connection handler in msf binds, and if it doesn’t, check that your options are correct.
I was going through what I did step by step and realized:
! I used the OTHER Samba port! I don’t know if maybe I refused to try that port for some odd reason, but that was the issue. That seems like an issue I’d catch, but… it seems that isn’t the case. Look at your scan and try the other ports (if you don’t know which one, just try all of them, but nmap should give enough info to know which one). Feel dumb lol
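The two things that bit posters above were LHOST pointing at the default NIC instead of the VPN interface (tun0), and RPORT pointing at the wrong Samba port. The shell snippet below is an added example, not code from the thread or from Metasploit: it parses `ip -4 -o addr show` output to get the tun0 address and nmap grepable (`-oG`) output to find which SMB ports (139/445) are actually open, then prints the corresponding `set` lines. The target 10.10.10.3 is the one from the thread; the `ip`/nmap text embedded in the script is constructed sample output so the functions run offline, and the function names are my own.

```shell
#!/bin/sh
# Added example (not from the thread): derive the two Metasploit options the
# posters above tripped over, LHOST (must be the VPN interface, tun0, not the
# default NIC) and RPORT (must be a Samba port nmap actually found open).
# The functions parse text, so they run offline against the constructed samples
# below; feed them live `ip`/`nmap` output as shown at the bottom.

# Constructed sample of `ip -4 -o addr show` on a lab VM with the VPN up.
SAMPLE_IP_ADDR='1: lo    inet 127.0.0.1/8 scope host lo\       valid_lft forever preferred_lft forever
2: eth0    inet 192.168.56.10/24 brd 192.168.56.255 scope global eth0\       valid_lft forever preferred_lft forever
3: tun0    inet 10.10.14.5/23 scope global tun0\       valid_lft forever preferred_lft forever'

# Constructed sample of nmap grepable output (-oG -) for ports 139 and 445.
SAMPLE_NMAP_G='# Nmap scan initiated as: nmap -p139,445 -sV -oG - 10.10.10.3
Host: 10.10.10.3 ()	Status: Up
Host: 10.10.10.3 ()	Ports: 139/open/tcp//netbios-ssn//Samba smbd 3.X - 4.X (workgroup: WORKGROUP)/, 445/open/tcp//netbios-ssn//Samba smbd 3.X - 4.X (workgroup: WORKGROUP)/	Ignored State: closed (0)
# Nmap done'

# iface_ipv4 IFACE IP_OUTPUT: print the IPv4 address (without prefix length)
# that `ip -4 -o addr show` lists for IFACE; prints nothing if IFACE has none.
iface_ipv4() {
  printf '%s\n' "$2" | awk -v ifc="$1" '
    $2 == ifc { split($4, a, "/"); print a[1]; exit }'
}

# open_tcp_ports NMAP_G_OUTPUT: print every open TCP port from -oG text,
# one per line. Each entry is port/state/proto/owner/service/rpc/version/.
open_tcp_ports() {
  printf '%s\n' "$1" | awk -F'Ports: ' '
    /Ports: / {
      n = split($2, entries, ", ")
      for (i = 1; i <= n; i++) {
        split(entries[i], f, "/")
        if (f[2] == "open" && f[3] == "tcp") print f[1]
      }
    }'
}

# msf_smb_opts IFACE IP_OUTPUT TARGET NMAP_G_OUTPUT: print msfconsole "set"
# lines. Fails (return 1) instead of emitting a bad LHOST when IFACE has no
# address, i.e. when the VPN is down, and when no SMB port is open.
msf_smb_opts() {
  lhost=$(iface_ipv4 "$1" "$2")
  if [ -z "$lhost" ]; then
    echo "no IPv4 on $1 (is the VPN up?)" >&2
    return 1
  fi
  printf 'set LHOST %s\nset RHOSTS %s\n' "$lhost" "$3"
  found=0
  for p in $(open_tcp_ports "$4"); do
    case "$p" in
      139|445) printf 'set RPORT %s\n' "$p"; found=1 ;;
    esac
  done
  if [ "$found" -eq 0 ]; then
    echo "no open SMB port (139/445) in the scan" >&2
    return 1
  fi
}

# Offline run against the constructed samples. One RPORT line is printed per
# open SMB port so you choose one explicitly instead of trusting the module
# default; paste the lines into msfconsole after selecting the module.
msf_smb_opts tun0 "$SAMPLE_IP_ADDR" 10.10.10.3 "$SAMPLE_NMAP_G"

# Live use against the thread's target (not run here):
#   msf_smb_opts tun0 "$(ip -4 -o addr show)" 10.10.10.3 \
#     "$(nmap -p139,445 -oG - 10.10.10.3)"
```

If the VPN has dropped, `iface_ipv4` finds no tun0 address and the function refuses to print anything, which is the failure mode behind the "handler never binds / no session" symptom earlier in the thread: a silent fallback to the eth0 address would produce a reverse payload that calls back to an address the box cannot reach.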
I uninstalled metasploit ( sudo apt-get remove --auto-remove metasploit-framework ) and then re-installed the new build from their github repo. Installed it in my /opt folder and then installed all the dependencies (a bunch of ruby gems that will probably need some manual dpkg installs themselves) and now it works.
I guess the default Metasploit just didn’t work and upgrading it also didn’t.
This is what I ended up having to do as well. Except I re-installed using apt:
This didn’t help me with the manual exploits though, so there is still something in the 2020.4 Kali instance that’s blocking stuff. For Legacy, the Win firewall kept getting enabled somehow, so it took many resets to figure it out.
OK, changing LHOST to the VPN IP just worked and I got Meterpreter after switching through payloads. Now I have a new problem: none of the Meterpreter commands work; they all end up with an error or “command unknown”. Even python is not recognised, the priv extension doesn’t load hence getsystem won’t work, uname no, getuid no; the only thing that worked is sysinfo,
which says the computer name is ‘passage’, the OS is Linux Ubuntu and meterpreter is php/linux.
Help guys.