Full Disclosure mailing list archives
Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516)
From: Ryan Dewhurst <ryandewhurst () gmail com>
Date: Fri, 11 Nov 2011 16:43:12 +0000
I think Jon just said what everyone else was thinking, he said what I was thinking at least. On Fri, Nov 11, 2011 at 1:54 PM, Jon Kertz <jon.kertz () gmail com> wrote:
On Thu, Nov 10, 2011 at 2:59 PM, xD 0x41 <secn3t () gmail com> wrote:About the PPS, i think thats a very bad summary of the exploit, 49days to send a packet, my butt. There is many people assuming wrong things, when it can be done with seconds, syscanner would scan a -b class in minutes, remember it only has to find the vulns, gather, then it would break scan, and trigger vuln... so in real world botnet, yes then, with tcpip patchers, like somany ppl i know myself, even use (tcpipz)patcher ) , wich rocks... and it is ONLY one wich actually works, when you maybe modify the src so the sys file, is dropped from within a .cpp file, well thats up to you but thats better way to make it work, this will open sockets/threads, as i could, easily proove with one exe, but, the goal is, to trigger the vuln then exploit it, less than 49days :P , so , iguess if this exploit, in real form, gathered 2 million hosts over 3 nights.. i guessing that the exploit, could possibly be triggered with ONE properly setup packet.. people forget that, a packet is one thing, and a crafted UDP packet, is quite another..I'd really like to see you actually explain this bug with code. Either with a poc or with the disassembly. You seem to act like you know what's going on, but so far your description has been off base (from what I can make of your writing). No one cares about paragraphs of speculation and bragging, code or you are just another heavy breather in the perv closet of FD. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516), (continued)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Georgi Guninski (Nov 09)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Darren Martyn (Nov 09)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) xD 0x41 (Nov 09)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Georgi Guninski (Nov 10)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Thor (Hammer of God) (Nov 10)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Sergito (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) xD 0x41 (Nov 10)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Valdis . Kletnieks (Nov 10)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Jon Kertz (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Ryan Dewhurst (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Mario Vilas (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Thor (Hammer of God) (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Ryan Dewhurst (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) xD 0x41 (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Antony widmal (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Dan Ballance (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Antony widmal (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Jeffrey Walton (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Antony widmal (Nov 11)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Dan Ballance (Nov 13)
- Re: Microsoft Windows vulnerability in TCP/IP Could Allow Remote Code Execution (2588516) Darren Martyn (Nov 09)