Metasploit mailing list archives

Interesting WINS exploit analysis

From: Cedric.Baechler at gst.admin.ch (Cedric.Baechler at gst.admin.ch)
Date: Fri, 21 Jan 2005 09:50:19 +0100

Adrian,
I've tested the exploit against win2k3 enterprise sp0 english and winnt 4.0
server sp6a german with no success. Was ok on win2k server sp4 english.

Cedric

-----Original Message-----
From: Base64 [mailto:base640 at gmail.com]
Sent: Friday, January 21, 2005 3:38 AM
To: framework at metasploit.com
Subject: [framework] Interesting WINS exploit analysis

A recent worm that was found exploiting the  WINS MS04-045
vulnerability was captured and analyzed by Steve Friedl at unizwiz. 
This exploit code used was dropped by the trojan as a standalone
binary , and contains working(?) targets for several versions of
windows including windows 2003.  Friedl includes packet captures, and
copies of both the trojan and the exploit binary.  It would be very
nice to add these targets to the metasploit module for this
vulnerability, I will try to look over the code and modify this module
to work on windows 2003, and any help would be appreciated as I am
somewhat new to vuln-dev.  If anyone comes up with anything please let
us all know, thanks.

Adrian Castro

Current thread:

Interesting WINS exploit analysis Base64 (Jan 20)
- Interesting WINS exploit analysis H D Moore (Jan 21)
- Re: Interesting WINS exploit analysis Base64 (Jan 21)
- <Possible follow-ups>
- Interesting WINS exploit analysis Cedric.Baechler at gst.admin.ch (Jan 21)