Vulnerability Development mailing list archives
DebPloit + ie + passive connecting to attacker?
From: -l0rt- <simon () snosoft com>
Date: Fri, 29 Mar 2002 17:17:24 -0500 (EST)
All, I have been monitoring all of the talks about the recent "Silent delivery and installation of an executable on a target computer" for outlook and IE. I also noticed DebPloit which works as described: " DebPloit allows Everyone to get handle to Any process or thread. Handles have enough access to promote everyone to system/admin (in the case Target is running under LocalSystem, Administrator account). Works on: Any MS Windows NT 4.0, Windows 2000 (SPs before Mar-12-2002). Former NTs weren't tested. " and can be found at: http://www.anticracking.sk/EliCZ/bugs/DebPloit.zip Now... what if someone decided to do a little bit of mixing here... ie or outlook issue + DebPloit + connect_to_ip.exe So if this works, in theory, passive connection from a desktop on the LAN back to the attacker with a shell bound to it that has administrator rights? mmmm -l0rt- http://www.snosoft.com --------------------------------------------------------------------- That file you've been guarding, isn't. ---------------------------------------------------------------------
Current thread:
- DebPloit + ie + passive connecting to attacker? -l0rt- (Mar 29)