-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 H D Moore wrote: > On Monday 22 December 2008, ArcSighter Elite wrote: >> I came this morning with something. The MS08-67 patch when challenge >> keys couldn't be replayed, affects also the other variants of the >> attack, such as http 401 + WWW-Authenticate: NTLM, and the IMAP, POP >> and SMTP versions? > > Supposedly it affects any component that initializes the security > negotiation the "right" way, but only during a direct reflection attack. > You can still relay to a third-party host regardless of protocol. > > -HD > > > > > ------------------------------------------------------------------------ > > _______________________________________________ > Framework-Hackers mailing list > Framework-Hackers@spool.metasploit.com > http://spool.metasploit.com/mailman/listinfo/framework-hackers
Yes, I know the replay attack it's still working. I'm talking about the reflection one in here. I'm going to do some tests right away. Wait for results. Sincrely. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJT746H+KgkfcIQ8cRAiFHAKDlnVWEYiwYEQDy1irZp3jbL5hmrQCdFxsx v0eBn8RIBMDxN2MnOVSof9M= =WkQy -----END PGP SIGNATURE----- _______________________________________________ Framework-Hackers mailing list Framework-Hackers@spool.metasploit.com http://spool.metasploit.com/mailman/listinfo/framework-hackers