lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <HIPFDX$IglN4NhGco8r0vNsWPlyMG50GnNEA1BoyfFspdds@bol.com.br>
From: th.campos at bol.com.br (Thiago Campos)
Subject: DCOM RPC exploit failed

Hi

With the Portuguese version of Windows XP using the 
offset from Windows XP SP1 english something different 
occurs. A window with a 30 seconds countdown and these 
senteces appears:

"You are not a valid administrator. Your computer will 
be powered off"

pretty disturbing. Finding the right offset will lead 
this exploit to be a new DoS tool with pratically no 
changes.

- Thiago Campos

> Just 4 info:
> 
> I compiled dcom.c on linux and tried it against a 
> Windows 2000 SP4, german version.
> 
> The exploit failed (maybe I need some offset 
adjustments for the
> german version of Win2k) but after that I noticed some 
malfunctions:
> 
> - The windows explorer was not able to perform drag'n 
drop any more.
> When I tried to drag a file somewehere nothing 
happened.
> 
> - The media player failed. The window came up and 
closed itself after 
> a few seconds.
> 
> ... don't know what else failed...
> 
> So even when then exploit failed it may seriously 
disturb the windows 
> functionality. A massive scan for vulnerable windows 
systems on the 
> net may become the character of an DoS attack even 
without any  
> successful exploit.
> 
> Ciao
>   Marcus
> 
> -- 
> Windows is not the answer.
> Windows is the question and the answer is no.
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-
charter.html
> 

 
__________________________________________________________________________
Acabe com aquelas janelinhas que pulam na sua tela.
AntiPop-up UOL - ? gr?tis!
http://antipopup.uol.com.br/



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ