hmm..
i remember that once upon a time there was a perl script to extract the hostnames from google result sites..

anybody still knows or got it?

Same problem ,most of the times i get a shell, i can uploa my files ans start serv-u but there is no way to connect to the pc.
There isn´t ort 21 23 or anything like that open.
When i do a netstart i see my app running and with netstat i see it but its closed.
Does someone know he solution ???


TCP xxxx xxx.red-xxx.xxx.xxx:7000 CLOSE_WAIT

Just scan the server from the outside on open ports. If u see that ur serv-u port is open, u should be able to connect. If not, then a firewall must be installed. Try to kill it.

good works but it's old actual y

u can download the patch from here PATCH ME and yes u can patch from CMD just google a bit and u will find the answer

like its said over and over in this thread u get the bind error because u have something else running on the port that u told THCIISSLame on... its prolly netcat... the bind error really means nothing just that it can't bind its own shell to that port so that if its going to work itll just connect to ur netcat u can use the exploits shell or u can use netcat or something else its all personal preference but its all doing the same thing

There are another HTTPS Banner Scanner for Windows of haxorcitos hxxp://www.haxorcitos.com/ficheros/sslscanner.zip

Cya.

heh is a good exploit (thanks to G777) but with 1/10 is able to send (i mean iroff* and servu) but all can receive . Is really a NAT problem ?

Mates...

I get lots of shells here...

But the problem is the following: (i think)

There is a router wich will forward port 443 to a server in the LOCAL network, wich will listen for example on 192.168.1.200 when you do a ip config in the shell, you see 9 of the 10 times ip adresses like 10.0.0.X or 192168.X.X wich will not be seen on the internet, so running your servu there wouldnt make any sence. Like the servu is running and listening to port 8808.. when you try to connect to it, the router gets the packet at port 8808, but doesnt know what to do with it (99% sure the port is blocked, what you expect with ssl servers) so it would never reach the machine you had the shell on.

There are some solutions, but the also wouldnt make any sence...

So what are you trying to say, is there a solution or there is nothing to do?
Wouldn´t be possible to brute scan the router and if we are lucky and get the pass, reconfigure it and open anew port for our server.
(I guess it won´t work for long anyway..)

What port(s) and such are you guys using? I always get a Bind Error. : (

I personnally use port 8888 and it works fine, but the autohacker from ggg uses 3245 which woks fine too.
The main problem of this exploit isn´t to get a shell or upload your files but find an IP that isn´t behind a router or intranet...

yeah . karo has found the problem ... u must work a lot around the shell..
if it's a hardware firewall i think u cant (but nothing is impossible) take the shell sending or connect (servu)

Hey guys download superscan check with that tools witch ports is open... send

fport.exe and kill.exe to your server and look witch port is open to the www then kill the application and start serv-u or other ftp prog. on this port your are killing!
but the problem is the admin see this and kill your serv-u and start the orginal programm witch use your serv-u port to connect

Haven't got any shells this far, maybe i have just badluck or am i doing something wrong. I'll tell you what i did:

- I compiled the code with dev c++ with the mod of Ecko thank you for that.
- I made a little autohacker in .bat file, not anything special.
- Then i started scanning with a modified version of sfind, i scanned on port 443 at a german range.
- After the scanning i did a banner scan from at the results of the port scan, (did it with Scanline: command sl -bhpt 80 -f input.txt -o output.txt
- Filtered the banner scan and toke every ip where the banner scan said: Microsoft-IIS/5.0
- Then i put the ip's in a txt file and executed the autohacker.
- Most of the time's it say's: Exploit did't work - Timeout! (because of the ecko mod)

Well i don't see that i do anything wrong, so maybe i have just bat luck, well anyway maybe some one else could help me or i have helped him (because of my steps and has he more luck then me)

Well thnx in advance

Forget about your banners and all that, use the autohacker from gg availbale here, it works like a charm and you will get shells )

autohacker v.02

www.area51-crew.de/freesux.rar

lol deus^^

The autohacker is not the problem...

Getting in is not the problem...

Running your ftp is not the problem..

I thnik its only usefull if you found a webserver that has a direct connection to the internet (maybe some home user)

Otherwise i dont know things to do with the webserver...
Ok, kill the webserver, run ftp on the port..
Ok as you said the admin is gonna shut down the ftp and restart the webserver again....He's gonna sue you ass also.!!!

great exploit... thanks for posting
Ill be sure to try it out and let you know how it does =)

There is no way to get a shell for the past few days, does anyone have the same problem than me?

think this exploit is sort from dying...had its best time and now its about dead
didnt get any shells 2...and even when i got 1....router!!!

I keep getting this:

[*] building buffer
[*] connecting the target
[*] exploit send
[*] waiting for shell

i think you are behind a router i had the same problem just forward port 443

I think the real problem is the popel trying to use this sploit. time to clean up me thinks

hummm somebody have G777-IIS-SSL.RAR ??? i can't donwload before but if somebody can upme this file plz ...

thanks lot !!

I need a learn english xDD