Can't create a Session with ms08_067_netapi
I have a small "lab" trying to pentest at home, and I have my main OS and on a VM I'm running Windows XP SP3 (ENG). I use the ms08_067_netapi and the reverse_tcp as a payload. When i use the exploit command this is what I get.
[*] Started reverse TCP handler on 192.168.1.69:4444
[*] Automatically detecting the target...
[*] Fingerprint: Windows XP - Service Pack 3 - lang:English
[*] Selected Target: Windows XP SP3 English (AlwaysOn NX)
[*] Attempting to trigger the vulnerability...
[*] Exploit completed, but no session was created.
What I can understand from that is that the exploit works, but the payload isn't able to function. The first thing I did was to change port from 4444 to 80 just in case, firewall was blocking the payload. I got the same reply, trying with both 80 and 443 as LPORT.
Do you have any suggestions on what else I could do?
Answer
The Answer is in that thread There are many reasons for this exploit to fail, in short:
The target is patched. 'Not supported language' error from the target. The payload can't execute correctly. Networking errors 'reverse connection through NAT'. From experience with the same issue, I recommend to do the following:
Try not to use VMs. Try another payloads, away from reverse connections. Try other versions of Windows XP. Change system languages 'sometime it works!'