rapid7 / metasploit-framework

Metasploit Framework
https://www.metasploit.com/

Ms17-010 #11691

Closed komron01 closed 5 years ago

komron01 commented 5 years ago

auxiliary(scanner/smb/smb_ms17_010) > show options

Module options (auxiliary/scanner/smb/smb_ms17_010):

Name         Current Setting  Required  Description
----         ---------------  --------  -----------
CHECK_ARCH   true             no        Check for architecture on vulnerable hosts
CHECK_DOPU   true             no        Check for DOUBLEPULSAR on vulnerable hosts
CHECK_PIPE   false            no        Check for named pipe on vulnerable hosts
NAMED_PIPES  /data/data/com.termux/files/usr/opt/metasploit-framework/data/wordlists/named_pipes.txt  yes  List of named pipes to check
RHOSTS                        yes       The target address range or CIDR identifier
RPORT        445              yes       The SMB service port (TCP)
SMBDomain    .                no        The Windows domain to use for authentication
SMBPass                       no        The password for the specified username
SMBUser                       no        The username to authenticate as
THREADS      1                yes       The number of concurrent threads

msf5 auxiliary(scanner/smb/smb_ms17_010) > set rhosts 10.23.132.10
rhosts => 10.23.132.10
msf5 auxiliary(scanner/smb/smb_ms17_010) > exploit

[-] 10.23.132.10:445 - An SMB Login Error occurred while connecting to the IPC$ tree.
[*] 10.23.132.10:445 - Scanned 1 of 1 hosts (100% complete)
[*] Auxiliary module execution completed

wvu commented 5 years ago

You need anonymous access to IPC$ in the mode you're using it. Try supplying some creds?

komron01 commented 5 years ago

How to make anonymous access??

busterb commented 5 years ago

You don't make it anonymous, the target has to have it enabled. https://support.microsoft.com/en-us/help/3034016/ipc-share-and-null-session-behavior-in-windows

Saoodistrainingforhax commented 3 years ago

And can you tell us how to enable it?

Nour963 commented 3 years ago

Ok so if anyone is still facing the error (tested on Windows Server 2012 R2):
- First run this script on the target machine to know whether it is vulnerable to EternalBlue. If the machine is not vulnerable, then it is patched, therefore remove all Windows KB updates/patches superior to '401..'
  > wusa /uninstall /kb:5003209
- Next, if the script says that the machine is vulnerable but you are still facing this issue, then open the group policy editor
  > gpedit.msc
  Go to Computer Configuration\Windows Settings\Security Settings\Local Policies\Security Options, edit 'Network access: Shares that can be accessed anonymously' and add " \ " to the empty list
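
An added example, not part of the thread and not Metasploit code: a read-only PowerShell audit an administrator can run on a Windows host to see whether it permits the anonymous (null-session) SMB access discussed above. The registry values are the ones behind the "Network access" policies under Security Options; `Get-RegValue` is a helper name introduced here.

```powershell
# Added example: report null-session (anonymous SMB) exposure on the local host.
# Read-only; it changes nothing. Run from an elevated PowerShell prompt.
$lanman = 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters'
$lsa    = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'

# Hypothetical helper: returns the value, or nothing when it is absent.
function Get-RegValue {
    param([string]$Path, [string]$Name)
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

$findings = @()

# "Network access: Shares that can be accessed anonymously" (REG_MULTI_SZ)
$shares = @(Get-RegValue $lanman 'NullSessionShares' | Where-Object { $_ })
if ($shares.Count -gt 0) {
    $findings += "NullSessionShares is not empty: $($shares -join ', ')"
}

# "Network access: Named Pipes that can be accessed anonymously" (REG_MULTI_SZ)
$pipes = @(Get-RegValue $lanman 'NullSessionPipes' | Where-Object { $_ })
if ($pipes.Count -gt 0) {
    $findings += "NullSessionPipes is not empty: $($pipes -join ', ')"
}

# "Network access: Restrict anonymous access to Named Pipes and Shares"
# Only an explicit 0 is flagged; an absent value is left to the OS default.
$restrict = Get-RegValue $lanman 'RestrictNullSessAccess'
if ($null -ne $restrict -and $restrict -eq 0) {
    $findings += 'RestrictNullSessAccess = 0 (the two lists above are not enforced)'
}

# "Network access: Let Everyone permissions apply to anonymous users"
$everyone = Get-RegValue $lsa 'EveryoneIncludesAnonymous'
if ($null -ne $everyone -and $everyone -eq 1) {
    $findings += 'EveryoneIncludesAnonymous = 1 (anonymous users inherit Everyone ACLs)'
}

if ($findings.Count -eq 0) {
    Write-Output 'No null-session exposure found in the checked settings.'
} else {
    Write-Output 'Null-session settings to review:'
    $findings | ForEach-Object { Write-Output "  - $_" }
}
```

On a hardened host the script reports nothing to review; any entry it lists corresponds to a policy under Local Policies\Security Options that can be reset there.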

Neeraj-Shilwant commented 2 years ago

Nour963, can you please explain the solution in brief? I am still facing the problem.

Huiicat commented 1 year ago

The same problem here. The version is Framework: 6.2.11-dev, Console: 6.2.11-dev.

And I tried to use version 5 with the AttackBox on TryHackMe, and it works. Does version 6 have some bug here?

iswarn commented 10 months ago

An SMB Login Error occurred while connecting to the IPC$ tree.