MS Windows DNS RPC Remote Buffer Overflow Exploit (port 445)
[code]Microsoft DNS Server Remote Code execution Exploit and analysisAdvisory: [url]http://www.microsoft.com/technet/security/advisory/935964.mspx[/url]
This remote exploit works against port 445 (also Microsoft RPC api used)
Author:
* Mario Ballano ( mballano~gmail.com )
* Andres Tarasco ( atarasco~gmail.com )
Timeline:
* April,12,2007: Microsoft advisory published
* April,13,2007: POC Exploit coded
* April,14,2007: Microsoft notified about a new attack vector against port 445 (this exploit code)
* April,14,2007: Working exploit for Windows 2000 server SP4 (Spanish)
* April,15,2007: Working exploit for Windows 2003 server SP2 (Spanish) /GS bypassed
* April,16,2007: hackers hax the w0rld and got busted.
* April,xx,2007: Lammer release the first buggy worm
* Xxxxx,xx,2007: Finally it was true. Nacked photos of Gary m.. being abducted were found at NSA servers
[/code]
页:
[1]