Re: [Full-Disclosure] [Exploit]: DameWare Mini Remote Control Server Overflow Exploit

From: Gregory A. Gilliss (ggilliss_at_netpublishing.com)
Date: 12/19/03

  • Next message: Kevin Mitnick: "RE: [Full-Disclosure] [Exploit]: DameWare Mini Remote Control Server Overflow Exploit" 
    To: full-disclosure@lists.netsys.com
Date: Fri, 19 Dec 2003 14:01:54 -0800

    Funny! I have a client who got compromised through another remote access
    product (PCAnyWhere) and *this* was the hacker's backdoor! I guess that
    I can go back now and try and re-compromise the client using the compromise
    of the compromise (oh, dizzy ...) <LOL>

    G

    On or about 2003.12.19 21:38:25 +0000, A*** (netninja@hotmail.kg) said:

    > DameWare Mini Remote Control Server Exploit
    >
    > C:\xploits\dmware>dmware
    >
    > ...oO DameWare Remote Control Server Overflow Exploit Oo...
    >
    > -( by A*** netmaniac[at]hotmail.KG )-
    >
    > - Versions vulnerable: <= DWRCS 3.72.0.0
    > - Tested on: DWRCS ver: 3.72.0.0 Win2k SP3 & WinXP SP1
    >
    > Usage: dmware <TargetIP> <TargetPort> <YourIp> <YourPort>
    > eg: dmware 10.0.0.1 6129 10.0.0.2 21
    >
    <SNIP> 

    -- 
Gregory A. Gilliss, CISSP                              E-mail: greg@gilliss.com
Computer Security                             WWW: http://www.gilliss.com/greg/
PGP Key fingerprint 2F 0B 70 AE 5F 8E 71 7A 2D 86 52 BA B7 83 D9 B4 14 0E 8C A3
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
  • Next message: Kevin Mitnick: "RE: [Full-Disclosure] [Exploit]: DameWare Mini Remote Control Server Overflow Exploit"
    Loading