I don't see the file? Well I'll include it to this post then I just got it compiled.. ;x
Get Cygwin1.dll iif you don't have it.. ;x it needs it
Serhat
MaNiAx
Jul 31 2004, 10:02 PM
very nicely done it's a little buggy for now worked on 5/7 machines i tested it on the network.
-MaNiAx
ivan288
Aug 1 2004, 08:14 AM
local exploit right??
xoro
Aug 1 2004, 09:04 AM
yes
Serhat
Aug 1 2004, 12:03 PM
local? you can also send the job file to someone else that will automaticly run it and bind a shell to the specified port.. so which means remote and local.. the other one.. the notepad.exe executing one is local.. Why shouldn't you need a local bindport ?
Serhat
BuzzDee
Aug 1 2004, 12:55 PM
hmm didnt work for me, yet. tried 6 servers without shell...
Serhat
Aug 1 2004, 03:46 PM
I heard about someone getting 3/4 shells with it.. though the computer needs to meet some requirments... like running the Task Sheduler service ( which I don't! ) etc.. also I can't confirm whether it works 100% also.. cause I didn't tested it yet.. just compiled the source code for you guys =)
Serhat
detonator
Aug 1 2004, 07:03 PM
QUOTE (Serhat @ Aug 1 2004, 12:03 PM)
local? you can also send the job file to someone else that will automaticly run it and bind a shell to the specified port.. so which means remote and local.. the other one.. the notepad.exe executing one is local.. Why shouldn't you need a local bindport ?
Serhat
and how should i send this jobfile to a machine with this exploit i need a box . if i sit in front of the the box or i have a remote shell is not important greetz
Serhat
Aug 1 2004, 09:04 PM
just use the way you like.. for example you can send it to somebody's shares if he has enabled it.. meaning it will bind a port when the directory is beeing viewed.. dunno sure if beeing viewed via the shares executes it aswell..
Serhat
[Z]castor
Aug 2 2004, 04:20 PM
gonna try to use it thanx sharing
nuorder
Aug 3 2004, 02:25 AM
and for those who want the standalone exe without the need for cygwin.dll
r3L4x
Aug 3 2004, 02:52 AM
that has to be some of the sloppiest code i have ever seen!
mortello
Aug 3 2004, 03:12 AM
QUOTE (r3L4x @ Aug 3 2004, 02:52 AM)
that has to be some of the sloppiest code i have ever seen!
that's because you didn't see mine
chris105
Aug 3 2004, 09:37 AM
Hang on a minute ..... When you open the folder to find the .job file to send to someone are you not infecting yourself ?
nuorder
Aug 3 2004, 09:48 AM
yes depending on how youve set it up turn off task scheduler or patch your computer
Serhat
Aug 3 2004, 10:39 PM
QUOTE (chris105 @ Aug 3 2004, 09:37 AM)
Hang on a minute ..... When you open the folder to find the .job file to send to someone are you not infecting yourself ?
like nuorder said.. patch your system or turn off Task Scheduler... someone like you should already be patched I guess.. and for me.. well I am patched and disabled Task Scheduler cause I didn't use it anyway.. though cause of this I can't use the AT command .. which I don't really need anyway ;x Also the standard port 1027/1028 or something of Task Sheduler is closed cause of it also =)
Serhat
ellitio
Aug 6 2004, 04:29 PM
it worked fine here
x1`
Aug 6 2004, 06:14 PM
my friend is saying that there is now a remote Task Scheduler exploit but its very private ...i will post back if i see it working
mortello
Aug 6 2004, 07:06 PM
QUOTE (Dickybob20 @ Aug 6 2004, 06:14 PM)
my friend is saying that there is now a remote Task Scheduler exploit but its very private ...i will post back if i see it working
Well if there is, its probably for another vulnerability (maybe unreleased) because this one needs interaction....
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
) etc..
