0

I am following the book Penetration Testing: A Hands-On Introduction to Hacking from Georgia Weidman. In Ch 13, page 296 the psexec from metasploit is used against a Windows XP Profession SP3 (32-bit), but I got the following error:

Exploit failed [no-access]: Rex::Proto::SMB::Exceptions::LoginError Login Failed: The server responded with error: STATUS_LOGON_TYPE_FAILURE (Command=115 WordCount=0)

See above options for my exploit: ps exec options - exploit/windows/smb/psexec

I have also set the windows xp machine to behave like part of a domain: Start --> Run.. --> secpool.msc --> Security Settings --> Local Policies --> Network access: Sharing and security model for local accounts --> Classic - Local Users authenticate as themselves.

xp security seetings to be part of domain

and set it up the SMBDomain to WORKGROUP. When using enum4linux, my user (shariff) is not enumerated, but this is the one that I use to login (I also have the hash for it but again not working). Does this suggest that there is some setting that is not allowing me to connect?? enum4linux -U 1 enum4linux -U 2

This is driving me crazy.. any suggestions or ideas to fix this? username and password is correct, but still login failure error. Is there anything that I am missing?? How I can test smb to see if I can login with my user??

ed1111
  • 43
  • 1
  • 6

1 Answers1

1

Try setting the SMBDomain to a single dot "." or the system name rather than WORKGROUP and see what happens.

Joshua Gimer
  • 290
  • 1
  • 5
  • not sure why, but now it works! I restored some snapshot, and let SMBDomain to be a . and it worked. So, can you explain to me why it was not working with WORKGROUP? (From enum4linux the domain name is WORKGROUP). Thanks! – ed1111 Apr 09 '17 at 14:19