Pywsus server doesnt respond
Closed this issue · 3 comments
Hi! Thanks a lot for your research. Its really great. Tried to reproduce your results in lab environment and created a domain.
It consists of two machines:
- DC: Windows Server 2016 Standard 1607 14393.0
- PC: Windows 10 Education 1909 18363.1198
Added and configured WSUS on DC.
Started everything as in the video, but nothing seems to happen. Pywsus doesnt react after arp-spoofing and host update request. Tried to run server on both Kali and Parrot OS.
Never used to install wsus before. Dont know whats the problem. Maybe you can share your lab environment (stands) or suggest where to look for?
Hi @Romska,
Can you confirm that the ARP spoofing is working? Are you able to MITM HTTP traffic with Bettercap targeting the Windows 10.
Thank you.
Yes, sure. In my first message I added a picture and on the top of it there is Wireshark with http filter.
DC: 192.168.28.146
PC: 192.168.28.136
Attacker: 192.168.28.143
I also added file with traffic (traffic.txt) in the end.
Hi @Romska and sorry for the delay.
It seems that your ARP spoofing attack does not work. Where did you perform the Wireshark capture?
After, I would start with a basic proof of concept with Bettercap to confirm that the MITM is working.
Here some flags that will help to perform the attack:
- https://www.bettercap.org/modules/ethernet/net.probe/
- https://www.bettercap.org/modules/ethernet/net.recon/
Keep in mind that PyWSUS is simply a web server, the MiTM is a crucial part of the chain of exploitation.
Thank you.