Metasploit mailing list archives

ms04_031_netdde


From: pusscat at metasploit.com (Pusscat)
Date: Wed, 28 Feb 2007 09:51:55 -0500

HD's right on this one, I think - I'll go and change the notes to specify
which OSes require auth and which don't. If I recall correctly, 2ksp4 and
xpsp0/1 do not require auth, while xpsp2 does.

I'm pretty sure there's a common configuration where xpsp2 does not require
auth either... maybe anonymous file sharing enabled.

It's been a while on this bug. Like... 2 years. ;)

~ Puss

-----Original Message-----
From: H D Moore [mailto:hdm at metasploit.com] 
Sent: Wednesday, February 28, 2007 4:04 AM
To: framework at metasploit.com
Subject: Re: [framework] ms04_031_netdde

This depends on the configuration of the server -- IIRC, Windows XP SP0 is 
vulnerable without a username/password combination, but only if Simple 
File Sharing is activated. Pusscat wrote this exploit, so you might want 
to ask her what the requirements are.

-HD

On Tuesday 27 February 2007 22:48, Alexander Sotirov wrote:
This seems to imply that no authentication is necessary, but the
exploit doesn't work with an anonymous connection. When I run
ms04_031_netdde I get:



