[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] EXPLOIT : RPC DCOM (MS03-039)
- To: <pdt@xxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] EXPLOIT : RPC DCOM (MS03-039)
- From: "Jerry Heidtke" <jheidtke@xxxxxxxx>
- Date: Tue, 16 Sep 2003 21:04:50 -0500
The exploit at http://www.k-otik.com/exploits/09.16.MS03-039-exp.c.php is
rather limited. It only creates a local administrator account named "e" with a
password of "asd#321". But, it only works against Windows 2000 (English) with
SP3 or SP4, if it works at all.
I've seen references to other exploits out there, along with some source and
executables, including one that is much more capable. It allegedly works
against all SP and language versions of both Windows 2000 and XP. It gives
access to a command shell that has Local System rights, and might easily be
modified to work as part of a universal worm package. Remember that Blaster and
Welchia/Nachia both had to "guess" whether they were attacking W2K or XP. This
new exploit works either way.
Here's a link to a screen shot of it:
http://haiyangtop.533.net/1.jpg
Rather than a sleeping bag, a one-way ticket to a nice uninhabited island
sounds better.
Jerry
-----Original Message-----
From: pdt@xxxxxxxxxxxxxx [mailto:pdt@xxxxxxxxxxxxxx]
Sent: Tuesday, September 16, 2003 8:05 PM
To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: RE: [Full-Disclosure] EXPLOIT : RPC DCOM (MS03-039)
Has anyone tested this exploit successfully? I havn't been able to make
it work as of yet. I tried the Target 0 type and have the exact DLL
versions referenced. Just wondering if this is BS or there is some other
dependency on my test systems that isn't quite lining up.
Reguardless I think I am going to throw a sleeping bag in the back of the
car on the way to work tomorrow, I think there are some long days coming
up soon.
>RPC DCOM long filename heap overflow Exploit (MS03-039)
>
>http://www.k-otik.com/exploits/09.16.MS03-039-exp.c.php
>
>blaster.b soon ?
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Confidentiality Notice: This e-mail message, including any attachments,
is for the sole use of the intended recipient(s) and may contain
confidential and privileged information. Any unauthorized review, use,
disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply e-mail and destroy all
copies of the original message.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html