Yo ppl, I am a newbie who has been reading the forums for a while and I tried some exploits and got shells with some of them.
Now I am wondering which exploits you ppl can still get shells with, 'cos I cannot get a shell with the old exploits like webdav, sql and the others
thx.
toost
Mar 21 2004, 11:04 PM
lol i guess the best exploit is still sql, but most of the machines u get like that are pretty slow... Else if ur any good try ssh
supermax
Mar 22 2004, 12:53 AM
rpc is good but now most computers are patched.... I think we need a new big exploit for windows
AgentOrange
Mar 22 2004, 03:19 AM
Yeah way back when rpc 1 came out I was doing large scans, like 68.0-10.0-255.2-254. On my cable connection it took about 7-8 hours. Damn, good times, we definitely need another major vulnerability in winblowz. Now that nmap has the random scan function I really want a new vulnerability. If you are looking for ports to scan check out:
Now not all of those are people looking for vulnerabilities. Edonkey for example, that is caused by how the Edonkey program works. Do some research into the port, check out google, then compile some exploit code and start your scanning.
You really need to use an auto hacker, I just threw one together with perl. I found that if I did a 7-8 hour scan while I was in class, the computers would often be down when I came back to them.
peace out
(p.s. sorry for the double post)
Sp00ky
Mar 22 2004, 07:11 AM
i think the best exploit now atm is dameware....
DumpZ
Mar 22 2004, 07:58 AM
QUOTE (Sp00ky @ Mar 22 2004, 07:11 AM)
i think the best exploit now atm is dameware....
I disagree.
most dameware boxes are patched and most of the time the shell doesn't arrive. SQL remains alive because of admins who forget to secure their boxes. Or don't even know that they run SQL services.
Maybe there are some private sploits which are good though
Sp00ky
Mar 22 2004, 08:12 AM
well lately if you get a result with SQL (which is rare) then most of the time i get an sql error.... so that's not much of a good thing either
Qlimax
Mar 22 2004, 08:15 AM
try 2 scan .KR and hack them with apachechunked good luck!
BuzzDee
Mar 22 2004, 08:38 AM
windows media services exploit is still quite ok. if u scan frontpage in asia u get some shells, too. but u will need a good autohacker coz u get many many scan-results for frontpage and 1 out of 500 may work (that makes about 50-100 shells for a range 220.*-221.* for example).
i would say: wait for a new exploit to be released and then try ur luck with this one. the old ones don't really pay...
greetz
Wiz4rd
Mar 22 2004, 08:43 AM
The best exploit is the one you write yourself and never give out.
abbay
Mar 22 2004, 09:40 AM
sql is still nice atm, but the machines are not that fast, the amount of hacking results is great, but not fast connections :S
Wiz4rd
Mar 22 2004, 10:28 AM
I beg to differ on that 'fast part'. I snagged a box that pushed 5000kb/sec last week. All in the luck of the draw.
Sp00ky
Mar 22 2004, 10:54 AM
i just found this exploit on a site but can't find it on this site.. maybe someone can help me with what this is, i think it's a good sploit... CAN-2004-0193
FiStEh
Mar 22 2004, 11:31 AM
hmm really? i hope that's kbit otherwise the only place with a 4gb conn i know is the whitehouse
Killaloop
Mar 22 2004, 11:35 AM
QUOTE (FiStEh @ Mar 22 2004, 11:31 AM)
QUOTE (Wiz4rd @ Mar 22 2004, 10:28 AM)
a box that pushed 5000kb/sec last week
hmm really? i hope thats kbit otherwise the only place with a 4gb conn i know is the whitehouse
what's wrong with 5000kbyte/s? that's about 50mbit, nothing unusual nowadays
also I agree MSSQL still does the trick, but it's off topic since mssql is no exploit, just "stupidity" of administrators
fre4k
Mar 22 2004, 12:19 PM
I think that atm the best exploits are sql and dameware..
webdav, rpc and other still old exploits are DOwN
We need a New wind00f bug for new boxes
Fleischwurst
Mar 22 2004, 12:40 PM
at lan, most of the pc's still aren't patched... but not on the internet :/
LiQuid
Mar 22 2004, 01:40 PM
i think dameware is at the moment the xploit where u can get most results.
Fleischwurst
Mar 22 2004, 03:43 PM
but dameware must be installed? or not? I'm a little bit confused...
night^man
Mar 22 2004, 04:26 PM
sql is not an exploit!
D-Devil
Mar 22 2004, 05:33 PM
dameware is nothing anymore, all the boxes are patched. sql is okay, but you don't find a lot of them. I think NT is still okay.
allloco
Mar 22 2004, 06:10 PM
SQL, Serv-u ;/ dameware is dead
Fleischwurst
Mar 22 2004, 06:22 PM
ok... what do u think about ASN.1
Sp00ky
Mar 22 2004, 08:22 PM
ASN? i heard about that exploit but i never found a good compiled version of the exploit can you give me some more info about that 1?
DumpZ
Mar 22 2004, 08:46 PM
QUOTE (allloco @ Mar 22 2004, 06:10 PM)
SQL, Serv-u ;/ dameware is dead
Do u really use the Serv-u MTDM exploit? that's really lame.
brOmstar
Mar 22 2004, 08:50 PM
not every serv-u is a stro !
h3llraz0r
Mar 23 2004, 04:46 AM
QUOTE (Sp00ky @ Mar 22 2004, 08:22 PM)
ASN? i heard about that exploit but i never found a good compiled version of the exploit can you give me some more info about that 1?
as far as i know it is still only a DoS, ASN.1 won't give a remote shell. To get a remote shell you need to control where it will execute the next command. With ASN.1 so far, people have found how to overflow it, but not a way to control what will be executed next.
DumpZ
Mar 23 2004, 09:28 AM
QUOTE (brOmstar @ Mar 22 2004, 08:50 PM)
not every serv-u is a stro !
True but i assume that the network ur monitoring has a lot of boxes which run a lot of serv-u's
KieMaN
Mar 23 2004, 09:45 AM
SQL is not an exploit, but still finds some results.
Serhat
Mar 23 2004, 03:12 PM
QUOTE (Sp00ky @ Mar 22 2004, 07:11 AM)
i think the best exploit now atm is dameware....
I tried Dameware in the beginning.. it was okay then.. But I think it is kinda dead.. most of them are patched imo...
QUOTE
ok... what do u think about ASN.1
Well I got the exploit and don't think many systems are patched for this one.. but the thing is.. I don't know if the exploit I have works.. cause I don't just need to enter IP and port.. but hostname etc too... or am I being a bit too careful?
Serhat
allik
Mar 23 2004, 04:43 PM
i agree with the others, mssql is still doing a fine job, just have to know where to scan and you need a good wordlist so it's no problem to get some nice servers
DrDoc
Mar 23 2004, 06:19 PM
Can you post your wordlist
Just a try
Thx Doc
chris105
Mar 23 2004, 07:13 PM
wordlist? bugger it, I better read up about this one, I assume bits about it will be in the forum but has someone written a guide about it?
yeyo
Mar 24 2004, 09:51 AM
P4000 is giving some results 2 me
I know that is not a xploit, like SQL
itchy2000
Mar 24 2004, 11:20 AM
I have to agree with most of u that sql (although not an exploit) is still working pretty fine. Webdav and dameware are a bit dead but it is still possible to get some shells with those. U just have to be a bit lucky.
What about netbios on NT machines, is that still any good?
guy12
Mar 24 2004, 01:39 PM
where can i get the vulnerable dameware server for a test ???
"edit"
i don't want an ip, but a url where i can download the program to test it on my lan
rvd
Mar 24 2004, 01:52 PM
Well i still have some results with dameware, had one 10mbit last week. but you have 2 be lucky, most of them aren't good.
But yeah what is the best exploit 4 win...
I have a question 2 on this topic: does anyone know more about an exploit called lan? i can't find anything about it, one guy knows but he does not want 2 share this information, 2 bad. so anyone know more about it in here??