If you are using Metasploit and have ever tried running the smb_login module against a Windows XP box, chances are high that you have encountered the following error message.

This will happen if you are running Windows XP in a non-domain environment. When running in non-domain environments, Windows authenticates all network logon requests to be authenticated as Guest instead of the local user account.

To fix this,
Start -> Run gpedit.msc Local Computer Policy -> Computer Configuration -> Windows Settings -> Security Settings -> Local Policies -> Security Options
And in there, change the value of
Network access : Sharing and security model for local accounts,
from
Guest only - local users authenticate as Guest to Classic - local users authenticate as themselves
That’s it, and you are done.
Running the scan again, results in success.

Leave a Reply