I have an unpatched Windows XP Home VM, a Kali 2019.2 VM, and an old Kali 2016 VM. Using Metasploit ms08_067_netapi, I am able to successfully get a reverse shell but only on the old Kali box.
I am trying to get the same reverse shell on Kali 2019.2, but to no avail. However, I have been able to get a meterpreter bind shell running from the Win XP box to the 2019.2 VM using the same exploit.
I have done the following with iptables to completely clear everything:
sudo iptables -F sudo iptables -P INPUT ACCEPT sudo iptables -P FORWARD ACCEPT sudo iptables -P OUTPUT ACCEPT
but I still can’t catch the reverse shell. Metasploit reports
[ * ] Exploit completed, but no session was created.
Lastly, I have been able to catch a reverse shell from the Windows XP machine to the 2019.2 VM by creating a windows/meterpreter/reverse_tcp executable file using msfvenom and running it on the target Win XP machine (and catching it on the 2019.2 Kali VM using multi/handler), but still I cannot get a reverse shell from Metasploit’s ms08_067_netapi.
Any insight on this bug would be greatly appreciated!