WINDOWS VISTA / 2008 SERVER SMB2 PORT 445 REMOTE COMMAND EXECUTION EXPLOIT

Friday, October 2, 2009




The picture shows an ethical test drive (with *permission*, of course ;-) of the latest SMB2 remote command execution exploit (Metasploit version) against Windows Vista Home Premium Service Pack 1.

Microsoft SRV2.SYS SMB Negotiate ProcessID Function Table Dereference

This module exploits an out of bounds function table dereference in the SMB request validation code of the SRV2.SYS driver included with Windows Vista, Windows 7 release candidates (not RTM), and Windows 2008 Server prior to R2. Windows Vista without SP1 does not seem affected by this flaw.
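For the monitoring side of the flaw described above, here is an added detection sketch (not code from this post or from Metasploit). It assumes the "ProcessID" in the module title is the PIDHigh field of the SMB1 header and that legitimate clients leave it at zero in a negotiate request; the function names and the sample frame are constructed for illustration.

```python
import struct

SMB1_MAGIC = b"\xffSMB"
SMB_COM_NEGOTIATE = 0x72
HDR_LEN = 32        # fixed size of the SMB1 header
FLAG_REPLY = 0x80   # Flags bit set on server responses

def parse_dialects(body):
    """NEGOTIATE body: WordCount(1)=0, ByteCount(2), then 0x02-prefixed C strings."""
    if len(body) < 3 or body[0] != 0:
        return []
    (byte_count,) = struct.unpack_from("<H", body, 1)
    chunks = body[3:3 + byte_count].split(b"\x00")
    return [c[1:].decode("ascii", "replace") for c in chunks if c[:1] == b"\x02"]

def inspect_negotiate(frame):
    """Return None unless frame is an SMB1 NEGOTIATE request; else a finding dict."""
    smb = frame[4:]  # skip the 4-byte session header (type + 24-bit length)
    if len(smb) < HDR_LEN or smb[:4] != SMB1_MAGIC or smb[4] != SMB_COM_NEGOTIATE:
        return None
    if smb[9] & FLAG_REPLY:
        return None
    (pid_high,) = struct.unpack_from("<H", smb, 12)  # PIDHigh at header offset 12
    dialects = parse_dialects(smb[HDR_LEN:])
    return {
        "pid_high": pid_high,
        "dialects": dialects,
        "offers_smb2": any(d.startswith("SMB 2") for d in dialects),
        # Assumed rule: any non-zero PIDHigh in a negotiate request is anomalous.
        "suspicious": pid_high != 0,
    }

def build_benign_sample():
    """Constructed, well-formed negotiate request (PIDHigh = 0) for offline testing."""
    header = struct.pack("<4sBIBHH8sHHHHH", SMB1_MAGIC, SMB_COM_NEGOTIATE,
                         0, 0x18, 0xC853, 0, b"\x00" * 8, 0, 0xFFFF, 0xFEFF, 0, 0)
    dialects = b"\x02NT LM 0.12\x00\x02SMB 2.002\x00"
    smb = header + b"\x00" + struct.pack("<H", len(dialects)) + dialects
    return b"\x00" + len(smb).to_bytes(3, "big") + smb

BENIGN_FRAME = build_benign_sample()

if __name__ == "__main__":
    print(inspect_negotiate(BENIGN_FRAME))
```

Feed `inspect_negotiate` the TCP payload of traffic to port 445; a hit with `offers_smb2` set is the case that reaches the SMB2 code path and deserves the higher alert priority.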

This issue has been reported here before. Details about the vulnerability advisory and workaround are here, or read more here. The exploit is now public, so a new worm is set to launch for sure while the patch is soon to be available..

..and all the kids go to heaven ;-)

knock! knock! wake up!

5 comments:

Anonymous said...

erm OK now I'm sure you are an idiot wannabe sKid..
WINDOWS 7 remote command exec lol you wish, this is Vista only dumbshit and macos is da best wootwoot!

Anonymous said...

But which payload do I have to use?

I tried with generic/shell_bind_tcp but the packs were not sent ????

So how to use the exploit exactly with Metasploit ???

Can anyone explain to me :(

Anonymous said...

Anonymous (

Anonymous said...

@Anonymous (October 8, 2009 11:54 PM)
check this out..
http://blog.metasploit.com/2009/09/metasploit-33-development-updates.html

Anonymous said...

Is this exploit already available to download in Metasploit?
