tribalgoa
just released by ISS team .... :

scanmsgr.exe .......

... I hope to see an exploit soon, I need it to show to my manager so he will approve deployment of the patch on SUS.
midi69
wow thanks a lot, sounds great
I'm really expecting to see that exploit soon smile.gif
great job!
dtDaMan
Hi!

BigTHX 4 Scantool.
I hope to get the Exploit later too *g*

DaMan
ducky
Thanks for sharing m8...nice tool
hermel
THX for sharing the tool smile.gif
yeyo
thanks 4 sharing this...

I always get a window error ... I'm on W2K

---edit

I changed the file to c:\ and it works.

This scanner will pop up a msg window warning about this vuln on the scanned IP, maybe there is another scanner that doesn't pop up that window, or putting some parameter, I'll see biggrin.gif

--- edit

solved biggrin.gif

write an ini file with:

ping=true
target=[start IP]-[end IP]

save the file and do a "scanmsgr.exe config=inifile.ini"

now the scanned IP doesn't see any popup biggrin.gif
jubbly
I just checked mine and disabling the messenger service stops it, but unpatched it gives a popup on the remote user's desktop. Not a good thing when scanning your internal networks. I had 4 users call me and I only scanned a range of 10 machines. Is there a way of removing the popup part of the scan tool?
Hellraiseruk
Nice Scanner M8..hopefully exploit soon biggrin.gif
Flinston
How to save the results to a file?

scanmsgr config=scann.ini > scann.txt doesn't work ... scann.txt remains empty ...
Flinston
Figured it out biggrin.gif thanks anyways biggrin.gif

I programmed a little batch cool.gif

CODE

cls
@echo off
@echo Start IP
set /p startip=
@echo End IP
set /p endip=
echo ping=true > scann.ini
echo target=%startip%-%endip% >> scann.ini
@echo off
scanmsgr config=scann.ini > scann.txt
Tr@nCeR
pls people,
don't use this scanner...

it uses net send to tell people their system is hackable, and where they could download the patch....

so if you're a hacker, don't use this scanner,
if you're a security consultant, you can use this scanner to notify your customers...
but remember... it is illegal to scan people that aren't affiliated with you.
Kippesoep
hmm well, it's still nice to test home network smile.gif thnx anyway

Grtz
ScriptGod
QUOTE (Tr@nCeR @ Oct 17 2003, 11:34 AM)
pls people,
don't use this scanner...

it uses net send to tell people their system is hackable, and where they could download the patch....

so if you're a hacker, don't use this scanner,
if you're a security consultant, you can use this scanner to notify your customers...
but remember... it is illegal to scan people that aren't affiliated with you.
QUOTE

The option "ping=true" will send a silent Messenger "ping" instead of a popup message. However, the ping technique only works on port 135, it doesn't work on the additional port range.


use this option!
jubbly
that ping=true is handy, should have looked before scanning my users on the network biggrin.gif boss told me off as it concerned the users LOL
tribalgoa
You could use the option "ping=true" , it will send a silent Messenger "ping" instead of a popup message.
However, the ping technique only works on port 135, it doesn't work on the additional port range.

Port 135 is blocked at most ISPs, but for internal network pen-testing it should be fine.
ScriptGod
The RPC service uses this port, so all RPC vulns need this port to work; if your ISP blocks this port then they don't work!
It seems that the messenger service uses another random port. The difference between the messenger and the other RPC services is that the messenger uses UDP instead of TCP. Most ISPs block only TCP...
baNaN4
great thx 4 sharing dude wink.gif
Action
how about just (filtered) hexing the netsend msg from the exe file, ever thought of that
hifil0wlife
ok, so what do I do if I find a hackable host? take a note and hope that perhaps the exploit will be released before people have patched their machines? what's the point?
^Nio^
hifil0wlife, most exploit patches come out before the exploits themselves wink.gif
That doesn't mean we don't use the exploits... smile.gif

xaph
hi folkz,

Try this scann0r, no message with warning in this one....

dunc101
thanks for this man, definitely going to check it out.
Hellraiseruk
no point in using this until we actually know an exploit is being made.. but thx for the scanner m8.. wink.gif
ducky
thanks for the scanner...

I was wondering.. is there any way to make it work and save results to a *txt file

ps-
I tried scan target=ip-ip >>results.txt
and
scan target=ip-ip >log.txt


But nothing seems to work...




Thanks PPL blink.gif
ghost_c
thnks dude i hope also to see the new exploit....soon.smile.gif
isaiah
Trust me it's unhackable unless you do it through UDP and this board is meant for you can be 1337 h@x0rs it meant to protecting your networks damn this board has been going down with leechers and newbies but come on this is a "How to Hack for your Warez Stros" board is it because all of the leechers we don't get anymore good tools
Flinston
Ducky ... the results will be saved after the scan is done .. or just use my little batch cool.gif
CODE


cls
@echo off
@echo Start IP
set /p startip=
@echo End IP
set /p endip=
echo ping=true > scann.ini
echo target=%startip%-%endip% >> scann.ini
@echo off
scanmsgr config=scann.ini > scann.txt
GhostCow
QUOTE (isaiah @ Oct 19 2003, 02:31 AM)
Trust me it's unhackable unless you do it through UDP and this board is meant for you can be 1337 h@x0rs it meant to protecting your networks damn this board has been going down with leechers and newbies but come on this is a "How to Hack for your Warez Stros" board is it because all of the leechers we don't get anymore good tools

I agree with isaiah.... this board is slowly filling with leechers and people who come here to learn how to make pubs ... I may not be the smartest monkey in the bunch but I came here to learn, not to become a 31337 |-|4X0|2 sad.gif
opers: please do something about it sad.gif
Divx_dude
nice one there

but too bad the ISPs block that shit sad.gif
MxMx
QUOTE (Flinston @ Oct 17 2003, 11:26 AM)
Figured it out biggrin.gif thanks anyways biggrin.gif

I programmed a little batch cool.gif

CODE

cls
@echo off
@echo Start IP
set /p startip=
@echo End IP
set /p endip=
echo ping=true > scann.ini
echo target=%startip%-%endip% >> scann.ini
@echo off
scanmsgr config=scann.ini > scann.txt

woowww this is really nice .. thanks for the batch .. I've got many results already smile.gif
skidoo32
Nice one mate smile.gif

Also here's a quick batch for scanning multiple ranges

CODE

@echo off
scanmsgr.exe target=ENTER RANGE HERE ping=true >> scan1.txt
echo scan1 complete >> report.txt
scanmsgr.exe target=ENTER RANGE HERE ping=true >> scan2.txt
echo scan2 complete >> report.txt
scanmsgr.exe target=ENTER RANGE HERE ping=true >> scan3.txt
echo scan3 complete >> report.txt
scanmsgr.exe target=ENTER RANGE HERE ping=true >> scan4.txt
echo scan4 complete >> report.txt
scanmsgr.exe target=ENTER RANGE HERE ping=true >> scan5.txt
echo scan5 complete >> report.txt
oxygen007m
rolleyes.gif
jaxgough
biggrin.gif Thanx to tribalgoa for posting it and thanx to everyone else who posted the cool little batches to make things easier.