Nmap Development mailing list archives
Re: [NSE] Check for MS06-025 vulnerability in Microsoft RRAS service
From: Ron <ron () skullsecurity net>
Date: Mon, 31 May 2010 12:51:36 -0500
On Mon, 31 May 2010 19:30:04 +0200 Dražen Popović <drazen.popovic () fer hr> wrote:
> @Ron A very cool idea! =) Have you considered making a little NSE exploiting framework? Nothing too fancy, just simple as connect-back shellcodes and such.
I'd leave the "connect-back shellcode" and similar to Metasploit, especially because those are going to be unreliable thanks to firewalls and such. I'd like to find a way to do this, maybe in a somewhat generic way, but that doesn't require an extra connection or anything like that. There has to be some variable in memory that we can predict and change in a reliable way, or maybe find/use the socket to send back a validation, or something else? I don't know... this is going to get complicated and dangerous. :)
> Regards, Dražen.
> P.S. Vulnerable WinXP testing pending...
> --
> Laboratory for Systems and Signals
> Department of Electronic Systems and Information Processing
> Faculty of Electrical Engineering and Computing
> University of Zagreb
> _______________________________________________
> Sent through the nmap-dev mailing list
> http://cgi.insecure.org/mailman/listinfo/nmap-dev
> Archived at http://seclists.org/nmap-dev/
--
Ron Bowes
http://www.skullsecurity.org
http://www.twitter.com/iagox86