Re: Win9x netbios pass verif. exploit for unix

From: Extirpater (extirpaterat_private)
Date: Wed Jul 04 2001 - 01:52:51 PDT


    I wrote that one at a friend's request. I know about
    changing the source code of smbclient's client.c file.
    Putting in a "while" scans all 256 chars.
    My friend had problems with a few files and couldn't
    compile the smb package.
    So the exploit is there, use it if you want...  nothing to
    say...
    
    --- Dragos Ruiu <drat_private> wrote:
    > Floating around more than a year ago there was a small (40-60 line from
    > memory) patch to samba/smbclient that utilizes the same flaw to erm...
    > remove the needless bother of passwords on wintendo shares nearly
    > instantly, all in one nice bundle to also access the data you need.
    
    > 
    > I'm sorry but some sort of shortcoming in my, oh so careful,
    > chronological by depth :-), exploit filing system precludes my
    > finding it right now, but you ought to be able to recreate it
    > fairly readily without too much work...
    > 
    > If anyone is _still_ relying on share passwords on old Windows versions
    > for _any_ sort of security, short of keeping very casual users out until
    > they spend a few minutes trying, they are making a mistake.
    > 
    > This has been around for a while, long enough for me to lose the sploit
    > apparently.... so if you still are vulnerable to this in this day and age on
    > any data of real significance, your security plan really needs erm.... forklift
    > upgrades, imho.
    > 
    > cheers,
    > --dr
    > 
    > P.s.  I think nessus has some good code for this too that can be used as an
    > example, if you're looking...
    > 
    > On Sun, 01 Jul 2001, Extirpater wrote:
    > > 
    > > attachment...
    > > 
    > 
    > ----------------------------------------
    > Content-Type: application/x-unknown;
    > name="smbcrack.c"
    > Content-Transfer-Encoding: base64
    > Content-Description: smbcrack.c
    > ----------------------------------------
    > 
    > -- 
    > Dragos Ruiu <drat_private>   dursec.com ltd. / kyx.net - we're from the future
    > gpg/pgp key on file at wwwkeys.pgp.net or at http://dursec.com/drkey.asc
    
    
    



    This archive was generated by hypermail 2b30 : Wed Jul 04 2001 - 12:33:16 PDT