search

chompie1337 / SMBGhost_RCE_PoC

1.32k stars 348 forks source link

Strange socket timeout issues #8

Open kernelzeroday opened 4 years ago

kernelzeroday commented 4 years ago

nmap shows 445 is open, however when attempting to run the exploit I get a socket timeout issue. 

PORT    STATE SERVICE       REASON  VERSION
445/tcp open  microsoft-ds? syn-ack

Traceback (most recent call last):
  File "exploit.py", line 465, in <module>
    do_rce(args.ip, args.port)
  File "exploit.py", line 426, in do_rce
    find_low_stub(ip, port)
  File "exploit.py", line 405, in find_low_stub
    buff = read_physmem_primitive(ip, port, index)
  File "exploit.py", line 205, in read_physmem_primitive
    buff = try_read_physmem_primitive(ip, port, phys_addr)
  File "exploit.py", line 212, in try_read_physmem_primitive
    write_primitive(ip, port, fake_mdl, pmdl_va)
  File "exploit.py", line 182, in write_primitive
    sock.recv(1000)
socket.timeout: timed out

Am I missing something stupid? Thanks

J1mX commented 4 years ago

I get this testing an old slow machine...