lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <3F8ACF16.000003.31443@colgate.yandex.ru> From: Pocjfr at yandex.ru (Pocjfr) Subject: No subject Hi! I have remote bindshell exploit for any Windows system with MS03-39 patch installed, but now i can't publish it. This code http://www.securitylab.ru/40757.html works only against Win2k Server sp3/sp4, WinXP sp1, Windows 2003, and doesn't work (code needed some change) againt Windows 2003 sp1beta, WinXP without SP and w2k sp0-sp2. ----- Original Message ----- From: <webheadport80@...scape.net> To: <full-disclosure@...ts.netsys.com> Sent: Monday, October 13, 2003 6:29 PM Subject: Re: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability > I've tried it on a couple of ms03-039 patched w2k boxes and it didn't DoS the RPC service like it did on my w2k-unpatched box. Are you saying that you've gotten it to kill the RPC service on a ms03-039 patched machine (particularily, w2k)? > > During my ms03-039 w2k tests, the exploit runs for several seconds then stops with a status of ~5000 but it doesn't kill the RPC. > > The reason I'd like confirmation is that my Microsoft corp contact told me that Microsoft, back in Redmond, said this exploit doesn't work on ms03-039... I'd like to confirm/deny this claim. Especially, since they haven't updated their sec bulletin on ms03-039 for this vulnerability. > > Any feedback from folks who have successfully gotten this exploit to work on a PATCHED ms03-039 w2k box would be GREATLY APPRECIATED!!! > > Thanks, > WebHead > > > ====================================================== > This code doesn't work without shellcode. The simple version of a "battle" shellcode can be found here: > > http://www.SecurityLab.ru/_exploits/bshell2 (add user 'a' with pass 'a' in administrator group) > > You can change this shellcode as you need. > > On system with MS03-39 installed, this code only crash systems, because nature of new vulnerability is not known. > > See more: http://www.securitylab.ru/40757.html > > > > ----- Original Message ----- > From: Mike Gordon > To: full-disclosure@...ts.netsys.com > Sent: Monday, October 13, 2003 1:41 AM > Subject: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability > > > A compiled version is found at http://www.SecurityLab.ru/_exploits/rpc3.zip > But it seems to only crash systems. > > Does any one have a clean complile of the "better code" from http://www.cyberphreak.ch/sploitz/MS03-039.txt > > > __________________________________________________________________ > McAfee VirusScan Online from the Netscape Network. > Comprehensive protection for your entire computer. Get your free trial today! > http://channels.netscape.com/ns/computing/mcafee/index.jsp?promo=393397 > > Get AOL Instant Messenger 5.1 free of charge. Download Now! > http://aim.aol.com/aimnew/Aim/register.adp?promo=380455 > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > >
Powered by blists - more mailing lists