[studnikov]

It seems like alot of people had problems compiling this.
I didn't so i thought i would post it for the ones who did.

Thanks to ScriptGod for the code.

Compiling...
MS04-022ScriptGod.cpp

MS04-022ScriptGod.obj - 0 error(s), 0 warning(s)

Linking...

MS04-022ScriptGod.exe - 0 error(s), 0 warning(s)

Attached File(s)

•  MS04_022ScriptGod.rar (28.43K)
  Number of downloads: 694

[The Storm]

thank ya 2 downloads 2 reypls *g*

[nuorder]

z-man, on Jul 27 2004, 08:00 PM, said:

10q very much

but on what port that exploit work  :unsure: 445?  :unsure:

come on man be serious

its local unless you specify a port for the shell

[ivan288]

usage: new <TargetID> <PayloadID> <OutputJobFile> < <Command> | <BindPort> | <IP
> <Port> >

TargetID Name EIP
----------------------------------------------------------
0 Windows XP SP0+1 GER 0x76e21a21
1 DoS Windows XP ALL 0xffffffff

PayloadID Name
--------------------------
0 WinExec
1 BindShell
2 ReverseShell

any help onm how to use this. i mean what u put in for command for example.

[ivan288]

i tried:
exploit.exe 0 1 k.bat 6666 127.0.0.1

its suppose to make a k.bat file with bindshell on port 6666.
what i does it creates k.bat in the same directory. Bu then it doesnt open the shell even when i click on the .bat.
not sure what i am doin wrong.

[Coktailcrazy]

nice work to compile this!! gonna test it out!

[thorel]

Nice job man, sweet

[nuorder]

ivan288, on Jul 27 2004, 09:51 PM, said:

i tried:
exploit.exe 0 1 k.bat 6666 127.0.0.1

its suppose to make a k.bat file with bindshell on port 6666.
what i does it creates k.bat in the same directory. Bu then it doesnt open the shell even when i click on the .bat.
not sure what i am doin wrong.

instead of k.bat you should have k.job, it is sometimes a good idea to read the main article on a vulnerability before you try to use it

Quote

How could an attacker exploit this vulnerability?
There are many ways that a system could be vulnerable to this attack. Here are some examples:
�

An attacker could host a malicious Web site that is designed to exploit this vulnerability through Internet Explorer and then persuade a user to view the Web site.
�

An attacker could add a specially crafted .job file to the local file system or to a network share and then persuade the user to view the folder by using Windows Explorer.
�

An attacker could also access the affected component through another vector. For example, an attacker could log on to the system interactively or by using another program that passes parameters to the vulnerable component (locally or remotely).

from the microsoft site www.microsoft.com/technet/security/bulletin/MS04-022.mspx

[DrDoc]

Thx 4 the compiled Version :) i have tested it to compile it.. with the result im a noob :D

25 Downloads :( and just a few replys.. very poor :(

BIG THX ;)

Cya Doc

[The Storm]

is this a local exploit? cause there isn't a remoteadress required ?!?

[=k3Rn=]

hm thats a pitty :)

[The Storm]

hm when i use this exploit my explorer.exe crashes :) is there a chance to make this exploit a remote exploit or can the Vulnerability only be used local ?!?