Metasploit mailing list archives
wmf never worked on my default winxp ever
From: draino at gmail.com (Josh Chaney)
Date: Wed, 4 Jan 2006 14:16:55 -0700
Your configuration is somehow different. I've tried it on quite a few machines here at work, as well as some family members. All exploited without a hitch. It sounds like the picture/fax viewer is not installed and it's treating the file like any other file that it doesn't know what to open it with. I can assure you that this happens on SP2. -Josh On 1/4/06, sandalwood <sandalwood at inmail24.com> wrote:
Hello all, I don't understand how this is a bad bug. As soon as I saw the first exploit for this I installed a fresh completely new blank install of windows xp professional sp2, and tested it. It has never worked even once. I have also tried HD's exploits for it, including the one released today that uses BMP format and gzip content encoding (elite dude thank you).. however that still doesn't work. In my default fresh install of windows, I go to the url and it pops up a warning about downloading a file. I have to click on the information bar and choose download. Then if I go to the desktop and doubleclick the file, it does run the picture viewer which then crashes. So who is this a threat to?? Just sp1 systems? are there even any out there? In case you are wondering if my testing methodology was poor: I also then LATER tried accessing public websites that were exploiting people such as crack sites and porn that people talked about as carrying this bug. Those did not work either. I have zero software installed. This is a clean default install of windows. no antivirus, firewall, nothing but microsoft windows. I would post screenshots or video clip of it if it would help. I think it is clear that there are some systems that are NOT VULNERABLE to this, by default. For everyone to be saying this affects winxp sp2 I think is an error. addition: i have now confirmed 2 other friends of mine say that it throws up a warning saying it blocked a download and does not work on their machines either. -- Best regards, sandalwood mailto:sandalwood at inMail24.com ---------- * Zoner PhotoStudio 8 - Your Photos perfect, shared, organised! www.zoner.com/zps
-------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.metasploit.com/pipermail/framework/attachments/20060104/46e3d274/attachment.htm>
Current thread:
- Metasploit Book?, (continued)
- Metasploit Book? Jason Mayer (Jan 05)
- wmf flaws...auto-restart the exploit? H D Moore (Jan 04)
- wmf never worked on my default winxp ever sandalwood (Jan 04)
- wmf never worked on my default winxp ever H D Moore (Jan 04)
- wmf never worked on my default winxp ever (DEP) sandalwood (Jan 04)
- wmf never worked on my default winxp ever (DEP) Devin Ertel (Jan 04)
- wmf never worked on my default winxp ever (DEP) H D Moore (Jan 04)
- wmf never worked on my default winxp ever (DEP) sandalwood (Jan 04)
- downexec and gzip/chunk sandalwood (Jan 06)
- downexec and gzip/chunk H D Moore (Jan 06)
- wmf never worked on my default winxp ever H D Moore (Jan 04)