Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Interesting WINS exploit analysis

From: base640 at gmail.com (Base64)
Date: Fri, 21 Jan 2005 14:15:21 -0800
here is the link the the unixwiz page that has all the information on
this discovered code as well as both binaries.  I had forgotten to
include it with my last post.  Good luck and please keep us updated on
anything u discover, i will aswell.

http://www.unixwiz.net/research/winser-a.html


On Thu, 20 Jan 2005 18:37:47 -0800, Base64 <base640 at gmail.com> wrote:

A recent worm that was found exploiting the  WINS MS04-045
vulnerability was captured and analyzed by Steve Friedl at unizwiz.
This exploit code used was dropped by the trojan as a standalone
binary , and contains working(?) targets for several versions of
windows including windows 2003.  Friedl includes packet captures, and
copies of both the trojan and the exploit binary.  It would be very
nice to add these targets to the metasploit module for this
vulnerability, I will try to look over the code and modify this module
to work on windows 2003, and any help would be appreciated as I am
somewhat new to vuln-dev.  If anyone comes up with anything please let
us all know, thanks.

Adrian Castro
Previous By Date Next
Previous By Thread Next

Current thread: