Hi! I have remote bindshell exploit for any Windows system with MS03-39 patch installed, but now i can't publish it. This code http://www.securitylab.ru/40757.html works only against Win2k Server sp3/sp4, WinXP sp1, Windows 2003, and doesn't work (code needed some change) againt Windows 2003 sp1beta, WinXP without SP and w2k sp0-sp2.
----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, October 13, 2003 6:29 PM Subject: Re: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability > I've tried it on a couple of ms03-039 patched w2k boxes and it didn't DoS the RPC > service like it did on my w2k-unpatched box. Are you saying that you've gotten it > to kill the RPC service on a ms03-039 patched machine (particularily, w2k)? > > During my ms03-039 w2k tests, the exploit runs for several seconds then stops with a > status of ~5000 but it doesn't kill the RPC. > > The reason I'd like confirmation is that my Microsoft corp contact told me that > Microsoft, back in Redmond, said this exploit doesn't work on ms03-039... I'd like > to confirm/deny this claim. Especially, since they haven't updated their sec > bulletin on ms03-039 for this vulnerability. > > Any feedback from folks who have successfully gotten this exploit to work on a > PATCHED ms03-039 w2k box would be GREATLY APPRECIATED!!! > > Thanks, > WebHead > > > ====================================================== > This code doesn't work without shellcode. The simple version of a "battle" shellcode > can be found here: > > http://www.SecurityLab.ru/_exploits/bshell2 (add user 'a' with pass 'a' in > administrator group) > > You can change this shellcode as you need. > > On system with MS03-39 installed, this code only crash systems, because nature of > new vulnerability is not known. > > See more: http://www.securitylab.ru/40757.html > > > > ----- Original Message ----- > From: Mike Gordon > To: [EMAIL PROTECTED] > Sent: Monday, October 13, 2003 1:41 AM > Subject: [Full-Disclosure] RE: Re: Bad news on RPC DCOM vulnerability > > > A compiled version is found at http://www.SecurityLab.ru/_exploits/rpc3.zip > But it seems to only crash systems. > > Does any one have a clean complile of the "better code" from > http://www.cyberphreak.ch/sploitz/MS03-039.txt > > > __________________________________________________________________ > McAfee VirusScan Online from the Netscape Network. > Comprehensive protection for your entire computer. Get your free trial today! > http://channels.netscape.com/ns/computing/mcafee/index.jsp?promo=393397 > > Get AOL Instant Messenger 5.1 free of charge. Download Now! > http://aim.aol.com/aimnew/Aim/register.adp?promo=380455 > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
