List: vuln-dev
Subject: Re: ms06-025
From: H D Moore <sflist () digitaloffense ! net>
Date: 2006-07-18 1:35:42
Message-ID: 200607172035.42351.sflist () digitaloffense ! net

Metasploit contains two modules for this flaw; both of them require valid
authentication credentials to use. Make sure you set the SMBUSER/SMBPASS
variables before running the exploits. The RPC message format is defined
fairly well in both exploits, but since they need to be sent over SMB
(ports 139/445) and using DCERPC, it is non-trivial to turn into a
standalone exploit (without doing a poor job of handling errors or
evasion).

-HD

On Monday 17 July 2006 03:40, mikage_rinoa@yahoo.com wrote:
> I am currently working on a report regarding this vulnerability
> although I have tried to use the PoC given at Metasploit but have
> failed in trying to crash the system. Do you guys have any idea what
> RPC message format is to be sent so that the exploit will work and do I
> have to send it through any specific port for it to work?