Penetration Testing mailing list archives
[PEN-TEST] RDS exploit simulation
From: Oliver Petruzel <oliverpetruzel () EMAIL COM>
Date: Mon, 18 Sep 2000 11:14:29 -0400
my dearest pentesting compadres, ok, im at a loss to determine why this isn't working right now, so i will throw this out: Can somone..anyone! please list the exact specifications for as simulation test of Rain Forrest's RDS exploit? Starting with a naked system, what EXACTLY needs to be installed to get a vulnerable MDAC and RDS services? All my previous attempts have yielded safe systems. (uhg..and yes, I answered "yes" when it asked me if I wanted RDS "on"...) I have tried every IIS version/service pack installs/etc and still come up with a non-vulnerable system. I have used this so many times in the wild, it's hard to imagine what I'm doing wrong. I need it for demonstration purposes (among 15 other demo'd exploits im doing for the powers that be), and although the script is neato to watch chugging away, it's all for nothing when it comes up dry! Also, can anyone recommend a good pre-existing IMAP or POP vuln script and simulation config? thanks ./Oliver_Petruzel ----------------------------------------------- FREE! The World's Best Email Address @email.com Reserve your name now at http://www.email.com
Current thread:
- [PEN-TEST] RDS exploit simulation Oliver Petruzel (Sep 18)
- Re: [PEN-TEST] RDS exploit simulation Mordechai Ovits (Sep 18)
- Re: [PEN-TEST] RDS exploit simulation Johan Persson (Sep 18)
- <Possible follow-ups>
- Re: [PEN-TEST] RDS exploit simulation Davidson,Sam (Sep 18)
- Re: [PEN-TEST] RDS exploit simulation Oliver Petruzel (Sep 18)
- Re: [PEN-TEST] RDS exploit simulation Oliver Petruzel (Sep 18)
- Re: [PEN-TEST] RDS exploit simulation Steve (Sep 19)