Results 51 to 60 of 122

Thread: Own Full patched XP box via HTTP

  1. #51
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Thumbs up The results are in

    Quote Originally Posted by samsung View Post
    ALSO, to point out that had you NOT made changes re: #post 14, this would not have worked?
    Just to tie up any loose ends cheers bro
    The Test Results are in.......



    I tried it with "Use simple file sharing" (recommended) checked...and the exploit WOULD NOT WORK.



    But with it unchecked, the exploit FULLY worked on my FULLY PATCHED, UP TO DATE XP PRO BOX.
    --=Xploitz=-- ®
    Remote-Exploit.orgs Master Tutorialist.™
    VIDEO: Volume #1 "E-Z No Client WEP Cracking Tutorial" (http://forums.remote-exploit.org/showthread.php?t=9063)
    VIDEO: Volume #2 "E-Z No Client Korek Chopchop Attack Tutorial" (http://forums.remote-exploit.org/showthread.php?t=7872)
    VIDEO: Volume #3 "E-Z WPA/WPA2 Cracking Tutorial" (http://forums.remote-exploit.org/showthread.php?t=8230)
    VIDEO: Volume #4 "E-Z Cracking WPA/WPA2 With Airolib-ng Databases" (http://forums.remote-exploit.org/showthread.php?t=8041)

  2. #52

    Default

    Quote Originally Posted by -=Xploitz=- View Post
    The Test Results are in.......



    I tried it with "Use simple file sharing" (recommended) checked...and the exploit WOULD NOT WORK.



    But with it unchecked, the exploit FULLY worked on my FULLY PATCHED, UP TO DATE XP PRO BOX.

    This is very good news, -=Xploits=- thank you for taking the time to get around this, appreciate it bro (as per msg yest, I had 2 dash out & all went well) if ya know wot i mean


    Quote Originally Posted by ibrahim52


    Samsung. You'd feel weird on my question, but can I ask you what is the difference between the HACK LIKE A PRO thread and this thread? Because I tried both. What I see is the only difference is of patched and XP untouched, if I am not wrong. But I am having the same error following instructions of both.
    ibrahim52, can you try this also & see if it NOW works for you?

    @ dapirates1
    Thanks mate for also taking time to try this & letting me know your success & failures


    I would like to see more members getting success with this if they have time to try it, but there will be questions for example

    Why will this ONLY work if certain shares are ticked/unticked & what if our victimlooser (c) had not got these ticked/unticked, as these would not be 'default' settings so how are we to exploit him, I think the easiest answer I can think of is possibly NOT...!
    But it's just proving that once again M$ have vulnerabilities even though they say you're fully patched & where there's a will, there's a way

    Thanks all for taking time to read this & try my video & putting up with the minor snags & I hope you enjoyed it

    Disclaimer: I take no responsibility for you making any changes to your systems or for you performing this attack, this is for Training Purposes ONLY

  3. #53
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    Quote Originally Posted by samsung View Post
    This is very good news, -=Xploits=- thank you for taking the time to get around this, appreciate it bro (as per msg yest, I had 2 dash out & all went well) if ya know wot i mean


    Why will this ONLY work if certain shares are ticked/unticked & what if our victimlooser (c) had not got these ticked/unticked, as these would not be 'default' settings so how are we to exploit him, I think the easiest answer I can think of is possibly NOT...!
    Glad to hear it went well. I bet you got what you wanted.


    I'm using XP Pro SP1 OEM Disk, and by default my "use simple file sharing" box is unchecked by default.

    I don't have a copy of XP Pro SP2 OEM...but when I ever reformat my HDD, I update my install to SP2. So maybe on a SP2 OEM disk the "use simple file sharing" box is unticked as well by default? Anybody know or can anyone verify if XP Pro SP2 has "use simple file sharing" unticked by default??


    BTW, in case I wasn't clear in what I just said...YES I have a fully patched XP Pro Box with SP2 on it and all updates were up to date.

  4. #54

    Default

    Quote Originally Posted by -=Xploitz=- View Post
    Glad to hear it went well. I bet you got what you wanted.


    I'm using XP Pro SP1 OEM Disk, and by default my "use simple file sharing" box is unchecked by default.

    I don't have a copy of XP Pro SP2 OEM...but when I ever reformat my HDD, I update my install to SP2. So maybe on a SP2 OEM disk the "use simple file sharing" box is unticked as well by default? Anybody know or can anyone verify if XP Pro SP2 has "use simple file sharing" unticked by default??


    BTW, in case I wasn't clear in what I just said...YES I have a fully patched XP Pro Box with SP2 on it and all updates were up to date.
    I think XP Home has it defaulted to ON, because it's not connecting to a domain, whereas XP Pro, when setting it up, asks at the start whether this is part of a domain, and if you say yes, it turns it off by default. I think that's the way it works; if anyone knows for sure, feel free to correct me.

  5. #55
    Senior Member
    Join Date
    Apr 2007
    Posts
    3,385

    Default

    One last thing I'd like to say.....

    This exploit is quite "tricky" to get to work. For example>>

    My IE7 HAD to be already opened before I ran ettercap or metasploit. If IE7 wasn't already running, then there would be no connection from my XP IE7 and the internet. So make sure you have IE7 already running BEFORE you try this exploit.

    Also, for some reason, I would periodically get IE7 to not connect after putting in my REAL Username and password in gmail....but if I used a "fake" user/pass...it would work fine. What I mean by that is that IE7 would lose connection after entering in my REAL username and password and going to the "next" page, but with a "fake" or "wrong" user / pass...it wouldn't lose connection.

    Also...I went to ebay.com and I had to click on the same link samsung did in his video in order to get the exploit to load and start processing. It was this one (Located near the top of the page.) >>>

    Code:
    Welcome! Sign in or register.
    NOT the big red "Sign in" button.



    And one last thing......

    For some reason, I HAD to type in all HTTP addresses manually in the browser's address bar. I couldn't use "Google" to load in a search for Gmail or Ebay as an entrance to their main sites...again..IE7 would not connect unless I manually typed in the HTTP address in the address bar!

    All in all, it's not a "solid" exploit because of so many temperaments and oddities that are unexplained. The browser's behavior is VERY suspicious in my opinion, along with having to manually type in the website's address into the address bar. I suppose one could forge a really nice looking "authentic" certificate so that IE7 wouldn't hit the panic button...but that goes beyond the scope of this tutorial. It would have been less "red flagging" if you didn't have to manually enter the addresses in though.

    It is, though, a very nice proof of concept exploit, and I believe that was the intention of the OP and the original author of this exploit. The whole "what if" theories come to mind about how to protect yourself from this exploit / MITM attack, but in reality, there's not much you can do to protect yourself except to make sure you HAVE "use simple file sharing" checked!!

    Nice work guys.


    ***EDIT***

    If anyone else IS experiencing or NOT experiencing these oddities...please post!!

  6. #56
    Senior Member
    Join Date
    Mar 2008
    Posts
    153

    Default

    Quote Originally Posted by operat0r View Post
    Umm you should not need to do the secpol.msc .. I will create a new user tonight and try it again still working on the FF issue apparently flash has the same built in security
    Sorry, was busy, that's why I couldn't check this post, guys. Well, so should I wait for you, operator, or should I try again, sir?

  7. #57
    Just burned his ISO
    Join Date
    Apr 2008
    Posts
    2

    Question

    as for the restriction to LAN due to ettercap, it may be possible to use airpwn to inject the image?

  8. #58
    Just burned his ISO
    Join Date
    Apr 2008
    Posts
    2

    Default

    Quote Originally Posted by unix_r00ter View Post
    does this only work on LAN??
    it may be possible to inject the image with airpwn?

  9. #59
    Senior Member
    Join Date
    Feb 2008
    Posts
    681

    Default

    I'm going to try this... thanks for the tutorial
    hehe...

  10. #60

    Default

    Quote Originally Posted by .lonewolf View Post
    I'm going to try this... thanks for the tutorial
    Please let me know your success / failures etc

    Hope you get it working a few people had difficulties
