Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 34

Thread: How do I go about using this exploit?

  1. #11
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Milw0rms site seems to be having some issues so I can not look at the code for you. There should be something in the exploit code to tell you the connection parameters.

  2. #12
    Member
    Join Date
    Jul 2007
    Posts
    104

    Default

    I put the .py file on my server and connected to it port 554 while the .py file was running. This is what it said:
    "Listening on [RTSP] 554
    Connection accepted from: 192.168.2.4
    Done, press enter to quit"

    But after that nothing happens. If I'm reading the shellcode correctly, a cmd window should open or would there still be something else I need to do?

    (milw0rm.com/exploits/4657)

  3. #13
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    sounds like your target is not vunerable.

  4. #14
    Senior Member imported_spankdidly's Avatar
    Join Date
    Feb 2006
    Posts
    1,031

    Default

    Quote Originally Posted by ESC201 View Post
    "Listening on [RTSP] 554
    Connection accepted from: 192.168.2.4
    Done, press enter to quit"


    Quote Originally Posted by purehate View Post
    sounds like your target is not vunerable.
    Whew, Thank God. I thought my system was patched against that, but you never can tell these days! Next time ask before attacking my pr0n box!
    I felt like bending the bars back, and ripping out the window frames and eating them. yes, eating them! Leaping, leaping, leaping! Colonics for everyone! All right! You dumb*sses. I'm a mental patient. I'm *supposed* to act out!

  5. #15
    Member
    Join Date
    Jul 2007
    Posts
    104

    Default

    My systems should be vulnerable to it since I have quicktime 7.3. I'll do some more research on Google. Anyway, you guys answered my original question. Thanks for all the help.

  6. #16
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    I suggest the security focus site. Specifically the section on vulnerabilities. It might also be worth mentioning that often on public exploit sites such as milworm a piece of code will be removed or altered to prevent abuse. Also lately I've been seeing calc.exe as a shell code because with out knowledge of shellcode little abuse can be done with a calculator.

  7. #17
    Developer balding_parrot's Avatar
    Join Date
    May 2007
    Posts
    3,399

    Default

    That's a good move in my opinion, it stops it being plug and play for skriddies and means they must actually have some knowledge to use it for anything other than a POC, which I think is a cool move.

  8. #18
    Just burned his ISO
    Join Date
    Nov 2007
    Posts
    3

    Default

    Quote Originally Posted by purehate View Post
    I suggest the security focus site. Specifically the section on vulnerabilities. It might also be worth mentioning that often on public exploit sites such as milworm a piece of code will be removed or altered to prevent abuse. Also lately I've been seeing calc.exe as a shell code because with out knowledge of shellcode little abuse can be done with a calculator.
    Thats actually false. Exploits are fixed and change on milw0rm (not broken).

    /str0ke

  9. #19
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    I did not say they were broken. You should learn how to read before you correct me. I said they are altered. For example the one that I had the most trouble with was a variable which was P was defined and then on the next line it was zeroed out and then on the next line the function is called but there is no variable because we zeroed it out. So thats what I mean by altered and as a matter of fact it IS broken because when run with out the fix it will cause a segmentation fault.

  10. #20
    Junior Member
    Join Date
    Jan 2010
    Posts
    42

    Default

    Metasploit quicktime 7.3 - can someone please take a look at this and tell me what Im doing wrong?? http://rapidshare.com/files/73878364...t_7.3.wmv.html

Page 2 of 4 FirstFirst 1234 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •