So mcurdy.com is your website. I wondered why you recommended them so much.
hehe...
;0
Yep, I don't care about hits; it's just a simple, fast way for me to put what I want in whatever format I want, because it's my site.
In fact I block 90%+ of search bots etc.; my filters are insane.
Sometimes I just sit and watch the traffic and ban agent tags that I don't like.
dynamic signature
if anybody wants one let me know
Most of you guys need to understand Access Control in Windows; you wonder why you don't get in? smb_relay: if you were to look over HD Moore's presentation from Defcon 15 titled "Tactical Exploitation" and a few Hacking Exposed books later, you would have a clue. But seriously, smb_relay works in just about any Windows OS when it has been weakened (i.e. settings for a Windows Domain (Active Directory)); if you wanted this to work from default, use a Win2k box (Pro/Server does not matter). The reason it works on 2K is because of access control; read up about it! If I was to apply the same Domain security settings on a fully patched XP box you would have your shell, compared to a fully patched XP box with no weakened Domain setting applied.
To test this out, in Windows XP Pro:
1) START > RUN > secpol.msc
2) Find 'Local Policies' > 'Security Options'
3) Now let's make some changes:
Network Access: Do not allow anonymous enumeration of SAM accounts: Disable
Then find: Network Access: Sharing and security model for local accounts.
In the dialog box, select the option Classic – local users authenticate as themselves.
Have ports 139 and 445 showing as well! Then reboot!
Enjoy!
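An added audit check, not from the thread: it reads a `secedit /export` security template and flags the two settings the post changes when they are in that weakened state. The registry value paths are the standard Windows LSA values behind those two policies (not named in the post); the sample export below is constructed.

```python
import configparser

# Registry-backed values behind the two secpol.msc settings the post changes.
# Standard Windows LSA value paths (not taken from the thread):
#   RestrictAnonymousSAM 0 = "Do not allow anonymous enumeration of SAM accounts": Disabled
#   ForceGuest           0 = "Sharing and security model for local accounts": Classic
LSA = r"MACHINE\System\CurrentControlSet\Control\Lsa"
WEAKENED = {
    LSA + r"\RestrictAnonymousSAM": (0, "anonymous SAM account enumeration allowed"),
    LSA + r"\ForceGuest": (0, "sharing model is Classic: network logons use real local accounts"),
}

def parse_secedit_export(text):
    """Parse the [Registry Values] section of a 'secedit /export' INF into {path: int}.
    Each line looks like  MACHINE\\...\\Name=4,1  where 4 means REG_DWORD and 1 is the data.
    (A real export file is UTF-16; decode it before calling this.)"""
    cfg = configparser.ConfigParser(interpolation=None)
    cfg.optionxform = str  # keep the case of the registry paths
    cfg.read_string(text)
    values = {}
    for path, raw in cfg["Registry Values"].items():
        reg_type, data = raw.split(",", 1)
        if reg_type == "4":  # only REG_DWORD entries matter for these checks
            values[path] = int(data)
    return values

def audit(text):
    """Return one finding per value that matches the weakened state from the post."""
    values = parse_secedit_export(text)
    findings = []
    for path, (weak_value, message) in WEAKENED.items():
        if values.get(path) == weak_value:
            findings.append(f"{path.rsplit(chr(92), 1)[-1]}: {message}")
    return findings

# Constructed sample export reflecting the post's changes (not a real machine's output).
SAMPLE_EXPORT = """[Unicode]
Unicode=yes
[Registry Values]
MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\RestrictAnonymousSAM=4,0
MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\ForceGuest=4,0
MACHINE\\System\\CurrentControlSet\\Control\\Lsa\\LimitBlankPasswordUse=4,1
[Version]
signature="$CHICAGO$"
Revision=1
"""

if __name__ == "__main__":
    for line in audit(SAMPLE_EXPORT) or ["no weakened settings found"]:
        print(line)
```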
It works fine on a fully patched XP box, just not in Firefox.
Dears,
I have a question about this exploit. As I understood it, it works by forcing the victim to access a share on the attacker's PC, and since the authentication for the victim will fail, a pop-up window will ask the victim to enter the credentials. And he will enter his by default.
My question: will the exploit use the entered credentials to load the payload? Since I have tried it in my lab, and the pop-up window was shown at the victim side, however in the Metasploit console I was always getting authentication failed. I simulated it by launching smb_relay on the attacker machine, and from the victim machine I entered \\attacker_IP\ in the browser.
Thanks in advance,
Thx for the info. Does this attack work in both workgroup and domain environments, as what I have tested is a workgroup PC?
Hi, you should not need to enter any credentials on the victim's side; try using a weaker Win2k SP4 box as a test and you will see. BTW, authentication failed is a good thing; this is what the entire attack is based on.
Hi All,
After reading the posts here I thought I'd make a video to try to show what's being done. There are a lot of questions on whether this can be done or not, so I have spent the last few mins getting a video prepared.
THIS IS A VIDEO ON A FULLY PATCHED XP SYSTEM WITH FIREWALL ENABLED, NO HIDDEN SERVERS ETC ARE BEING USED, JUST A SIMPLE REVERSE_TCP PAYLOAD
Credit to operat0r for posting the tutorial. To keep things simple I have used the smb.rc (filtered with etterfilter) & smb.filter as per THIS 1ST POST
**OBVIOUSLY CHANGING MY IP ADDRESS**
So without further ado, sit back & watch my video HERE
Please feel free to give any feedback, good or bad, as it only takes a few mins for you to watch it, but a lot of hard work goes into making these videos.