Metasploit mailing list archives
FW: Re[4]: wmf never worked on my default winxp ever (DEP)
From: sandalwood at inMail24.com (sandalwood)
Date: Thu, 5 Jan 2006 11:04:09 -0800
Hello Tomas, HAHA :) Yeah this *IS* is vmware. What rational human on this planet would run windows on their *desktop* ?!?!! "lol" seriously i'm in tears laughing at the idea. Yes, everything I talked about was in a vmware session. VMware Workstation v5.5.1.19175 for Linux I created a new machine, installed default winxp iso from my http://msdn.microsoft.com/ account, and did my testing. Clean fresh virgin install, just like I said from the beginning (why don't people believe?) and tested. Added SP1, tested. Added SP2, tested. Et cetera. I did everything "right" and the results would be the same for anyone who happened to be running on amd 64bit hardware (oops) and also using the exploit when it was bmp instead of tiff (oops). I don't come out and *say* that I'm running my machines in vmware because it will just confuse people or create needless email banter about possible differences between a vm and "real" machine. Indeed these machines are just as real as the box I'm typing on. There is no spoon. also to the guy who said:
Did you try clicking open instead of download? I have a fully patches XP SP2 and it works.
there was no open option. i outlined that in my other email. it works on your system because EITHER (1) you used the updated exploit that wasn't bmp format, or (2) you don't have DEP enabled hardware like amd64, or (3) you don't really have a default install. thanks all; great software, great list :)
-----Original Message----- From: Tomas L. Byrnes Sent: Wednesday, January 04, 2006 10:49 PM To: 'sandalwood' Subject: RE: Re[4]: [framework] wmf never worked on my default winxp ever (DEP) Haven't you heard of VMWare? Virtual machines are the way to do research.-----Original Message----- From: sandalwood [mailto:sandalwood at inMail24.com] Sent: Wednesday, January 04, 2006 5:08 PM To: framework at metasploit.com Subject: Re[4]: [framework] wmf never worked on my defaultwinxp ever(DEP)Thanks again for the information, sounds like DEP and BMP acting inconsistently were the main culprits. If you disable DEP and can reproduce the problem with the latest exploit, please let us know.Sucks that you have to edit boot.ini and reboot just to kill DEP. Anyway I did so (/NoExecute=AlwaysOff) and now the newexploit worksperfectly. (it is a truly default install, after all) BTW, is DEP bypass possible in this exploit? ;) (http://www.uninformed.org/?v=2&a=4&t=txt "Bypassing Windows Hardware-enforced Data Execution Prevention") thanks again!
-- Best regards, sandalwoodmailto:sandalwood at inMail24.com
-- Best regards, sandalwood mailto:sandalwood at inMail24.com ---------- * Zoner PhotoStudio 8 - Your Photos perfect, shared, organised! www.zoner.com/zps
Current thread:
- FW: Re[4]: wmf never worked on my default winxp ever (DEP) Tomas L. Byrnes (Jan 04)
- FW: Re[4]: wmf never worked on my default winxp ever (DEP) Nicolas RUFF (Jan 05)
- FW: Re[4]: wmf never worked on my default winxp ever (DEP) H D Moore (Jan 05)
- FW: Re[4]: wmf never worked on my default winxp ever (DEP) sandalwood (Jan 05)
- FW: Re[4]: wmf never worked on my default winxp ever (DEP) Nicolas RUFF (Jan 05)