lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
From: webheadport80 at netscape.net (webheadport80@...scape.net)
Subject: RE: Re: Bad news on RPC DCOM vulnerability

I've tried it on a couple of ms03-039 patched w2k boxes and it didn't DoS the RPC service like it did on my w2k-unpatched box.  Are you saying that you've gotten it to kill the RPC service on a ms03-039 patched machine (particularily, w2k)?

During my ms03-039 w2k tests, the exploit runs for several seconds then stops with a status of ~5000 but it doesn't kill the RPC.

The reason I'd like confirmation is that my Microsoft corp contact told me that Microsoft, back in Redmond, said this exploit doesn't work on ms03-039...  I'd like to confirm/deny this claim.  Especially, since they haven't updated their sec bulletin on ms03-039 for this vulnerability.

Any feedback from folks who have successfully gotten this exploit to work on a PATCHED ms03-039 w2k box would be GREATLY APPRECIATED!!!

Thanks,
WebHead


======================================================
This code doesn't work without shellcode. The simple version of a "battle" shellcode can be found here:

http://www.SecurityLab.ru/_exploits/bshell2 (add user 'a' with pass 'a' in administrator group)

You can change this shellcode as you need.

On system with MS03-39 installed, this code only crash systems, because nature of new vulnerability is not known.

See more: http://www.securitylab.ru/40757.html

 

----- Original Message ----- 
From: Mike Gordon 
To: full-disclosure@...ts.netsys.com 
Sent: Monday, October 13, 2003 1:41 AM
Subject: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability


A compiled version is found at http://www.SecurityLab.ru/_exploits/rpc3.zip 
But it seems to only crash systems. 

Does any one have a clean complile of the "better code" from http://www.cyberphreak.ch/sploitz/MS03-039.txt 


__________________________________________________________________
McAfee VirusScan Online from the Netscape Network.
Comprehensive protection for your entire computer. Get your free trial today!
http://channels.netscape.com/ns/computing/mcafee/index.jsp?promo=393397

Get AOL Instant Messenger 5.1 free of charge.  Download Now!
http://aim.aol.com/aimnew/Aim/register.adp?promo=380455

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ