4

I am following Georgia Weidman book - Penetration Testing A Hands-On Introduction to Hacking. In her book, a Windows XP SP3 iso vulnerable to ms_08_067 is needed. I have an XP VM, but looks like this is patched since the exploit does not work. I also tried to check for the vulnerability with nmap, but it does not display any output. I am guessing that the output implies is not vulnerable since other nmap script works just fine.

root@X:~# nmap -p 445 --script smb-vuln-ms08-067 10.0.0.71
Starting Nmap 7.40 ( https://nmap.org ) at 2017-03-23 17:10 AST
Nmap scan report for 10.0.0.71
Host is up (0.00079s latency).
PORT    STATE SERVICE
445/tcp open  microsoft-ds
MAC Address: 08:00:27:D3:A1:69 (Oracle VirtualBox virtual NIC)

Nmap done: 1 IP address (1 host up) scanned in 0.51 seconds

Can someone share with me an Windows XP SP3 iso that is vulnerable to such VM? I have downloaded at least 3 of them, but they look patched. Any help will be appreciated.

Current VM info: Microsoft Windows XP SP3 Version 2002 Service Pack 3.

ed1111
  • 43
  • 1
  • 6
  • Version 2002? What does that mean? Check the target machine and make sure KB958644 is not installed. – DKNUCKLES Mar 24 '17 at 00:40
  • Sounds like an interesting book. I'm going to have to check that out. – wogsland Mar 24 '17 at 01:29
  • @DKNUCKLES how I do that? I dont see any software installed in control panel.. Can you elaborate (more of a linux guy here)? I highlighted the 2002 because I am not sure if that version comes patched.. So far all of the isos that I found are the same – ed1111 Mar 24 '17 at 03:39
  • 1
    @wogsland It is! I am using it as prep work ofr OSCP – ed1111 Mar 24 '17 at 03:40
  • 1
    I can't recall the exact name of things in XP, but you need to go to Control Panel > Add / Remove Programs and then "View Installed Updates". If you see an update with the aforementioned KB installed then the issue has been patched. That book is a great resource for that course - I would also recommend looking at The Hacker Playbook 2 (and maybe read a bit about buffer overflows prior to the course) – DKNUCKLES Mar 24 '17 at 12:58
  • @DKNUCKLES I just verified, that update is not installed.. the only update installed was CAPICOM (KB931906). I uninstalled that one I tried again, but it did not hcange anything... :/ . By any chance, do you have an Windows XP SP3 iso vulnerable to that that you can share?. The other thing is that I am using an updated version of Kali, will try with the book one once it downloads, but it should not change anything – ed1111 Mar 24 '17 at 17:49
  • @ed1111 hey! I'm having the same problem as you, were you able to solve it? Thanks! – Carles Mitjans Sep 03 '17 at 20:51

0 Answers0