GoSecure / pywsus

Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.
https://gosecure.net/blog/
MIT License

Pywsus server doesn't respond #4

Closed Romska closed 3 years ago

Romska commented 3 years ago

Hi! Thanks a lot for your research. It's really great. Tried to reproduce your results in a lab environment and created a domain. It consists of two machines:

Started everything as in the video, but nothing seems to happen. Pywsus doesn't react after ARP spoofing and the host update request. Tried to run the server on both Kali and Parrot OS.

Never installed WSUS before. Don't know what the problem is. Maybe you can share your lab environment (stands) or suggest where to look?

1 traffic.txt

nitbx commented 3 years ago

Hi @Romska,

Can you confirm that the ARP spoofing is working? Are you able to MITM HTTP traffic with Bettercap targeting the Windows 10 machine?

Thank you.

Romska commented 3 years ago

Yes, sure. In my first message I added a picture, and at the top of it there is Wireshark with an http filter.

DC: 192.168.28.146
PC: 192.168.28.136
Attacker: 192.168.28.143

I also added a file with traffic (traffic.txt) at the end.

nitbx commented 3 years ago

Hi @Romska and sorry for the delay.

It seems that your ARP spoofing attack does not work. Where did you perform the Wireshark capture? After that, I would start with a basic proof of concept with Bettercap to confirm that the MITM is working. Here are some flags that will help to perform the attack:

Keep in mind that PyWSUS is simply a web server; the MiTM is a crucial part of the chain of exploitation. Thank you.