Metasploit mailing list archives
Re: print spooler module exception
From: 김무성 <kimms () infosec co kr>
Date: Wed, 6 Oct 2010 16:30:08 +0900
Hello. Jdrake You are right. Attacker and victim are on same domain. As your answer, I fixed my test environment. Without domain, attack is possible. I think that when ms10_061_spooler module send packet(StartDocPrinter), trigger is on this packet. And I found that There is output file (\\ip\pipe\atsvc) and document name (xkd30qdornbzhyamwecjhm8) This output file, document name is made randomly? Can I know specific offset which have vulnerability? Thanks MuSung Kim -----Original Message----- From: Joshua J. Drake [mailto:jdrake () metasploit com] Sent: Wednesday, October 06, 2010 3:58 AM To: kimms () infosec co kr Cc: framework () spool metasploit com Subject: Re: [framework] print spooler module exception On Tue, Oct 05, 2010 at 06:29:00PM +0900, ?????? wrote:
There are exception num 5. Num 5 is access deny.
I have not seen this particular situation in my testing. It seems like the target machine may be patched or perhaps the printer is specifically configured to not allow guest access.
But when I opened folder explorer and typed \\10.10.50.201\printers <file:///\\10.10.50.201\printers> , I can show print bar window.
If you are logged into a domain, some magic may be happening behind the scenes that leaves you with valid user credentials. If you have an account, try using the SMBUser/SMBPass options. Please let us know if you manage to figure out what caused this error or how you managed to work around it. Hope this helps, -- Joshua J. Drake
Attachment:
smime.p7s
Description:
_______________________________________________ https://mail.metasploit.com/mailman/listinfo/framework
Current thread:
- print spooler module exception 김무성 (Oct 05)
- Re: print spooler module exception Joshua J. Drake (Oct 05)
- Re: print spooler module exception 김무성 (Oct 06)
- Re: print spooler module exception Varga-Perke Balint (Oct 06)
- Re: print spooler module exception 김무성 (Oct 06)
- Re: print spooler module exception Carlos Perez (Oct 05)
- Re: print spooler module exception Joshua J. Drake (Oct 05)