MS08-067 Exploit for CN 2k/xp/2003 bypass version

492 views
Skip to first unread message

EMM

unread,
Oct 26, 2008, 1:45:49 PM10/26/08
to ph4...@googlegroups.com
Ru ti!
 
MS08-067.rar

大风

unread,
Oct 26, 2008, 1:49:56 PM10/26/08
to ph4...@googlegroups.com

 

顶啊,全球首个可用的exp,成功率很不错哦!

 

EMM

 

 

[Ph4nt0m]

[Ph4nt0m Security Team]

                  @ph4nt0m

          Email:  ax...@ph4nt0m.org

          PingMe:

          === V3ry G00d, V3ry Str0ng ===

          === Ultim4te H4cking ===

          === XPLOITZ ! ===

          === #_# ===

#If you brave,there is nothing you cannot achieve.#

 


发件人: ph4nt0m@googlegroups.com [mailto:ph4nt0m@googlegroups.com] 代表 EMM
发送时间: 2008年10月27 1:46
收件人: ph4nt0m@googlegroups.com
主题: [Ph4nt0m] MS08-067 Exploit for CN 2k/xp/2003 bypass version

 

Ru ti!

 


ayarei

unread,
Oct 26, 2008, 8:20:17 PM10/26/08
to ph4...@googlegroups.com

真快啊真快啊,恩,呵呵

 

发件人: ph4...@googlegroups.com [mailto:ph4...@googlegroups.com] 代表 大风
发送时间: 20081027 1:50
收件人: ph4...@googlegroups.com
主题: [Ph4nt0m] 答复: [Ph4nt0m] MS08-067 Exploit for CN 2k/xp/2003 bypass version

 

 

顶啊,全球首个可用的exp,成功率很不错哦!

 

EMM

 

 

[Ph4nt0m]

[Ph4nt0m Security Team]

                  @ph4nt0m

          Email:  ax...@ph4nt0m.org

          PingMe:

          === V3ry G00d, V3ry Str0ng ===

          === Ultim4te H4cking ===

          === XPLOITZ ! ===

          === #_# ===

#If you brave,there is nothing you cannot achieve.#

 


发件人: ph4...@googlegroups.com [mailto:ph4...@googlegroups.com] 代表 EMM
发送时间: 20081027 1:46
收件人: ph4...@googlegroups.com

主题: [Ph4nt0m] MS08-067 Exploit for CN 2k/xp/2003 bypass version

 

Ru ti!

 

 


 

ring04h

unread,
Oct 26, 2008, 4:14:53 PM10/26/08
to ph4...@googlegroups.com
顶起,可爱的 win32_bind

2008/10/27 大风 <opens...@gmail.com>

 

顶啊,全球首个可用的exp,成功率很不错哦!

 

EMM

 

 

[Ph4nt0m]

[Ph4nt0m Security Team]

                  @ph4nt0m

          Email:  ax...@ph4nt0m.org

          PingMe:

          === V3ry G00d, V3ry Str0ng ===

          === Ultim4te H4cking ===

          === XPLOITZ ! ===

          === #_# ===

#If you brave,there is nothing you cannot achieve.#

 


发件人: ph4...@googlegroups.com [mailto:ph4...@googlegroups.com] 代表 EMM
发送时间: 2008年10月27 1:46
收件人: ph4...@googlegroups.com

主题: [Ph4nt0m] MS08-067 Exploit for CN 2k/xp/2003 bypass version

 

Ru ti!

 



sunwear

unread,
Oct 26, 2008, 9:30:13 PM10/26/08
to Ph4nt0m
good job

On 10月27日, 上午1时45分, EMM <w...@ph4nt0m.org> wrote:
> Ru ti!
>
> MS08-067.rar
> 16K查看下载

live live

unread,
Oct 26, 2008, 9:26:06 PM10/26/08
to ph4...@googlegroups.com
这个漏洞的挖掘思路很值得研究。

2008/10/27 ayarei <xue...@gmail.com>

XUNIX

unread,
Oct 26, 2008, 8:42:04 PM10/26/08
to Ph4nt0m
难道我RP又出问题了?2003试验不成功干脆跑到学校的机房去测试机房一水的2000server却一个成功的没有。

黑星

unread,
Oct 26, 2008, 8:53:24 PM10/26/08
to ph4...@googlegroups.com

bird

unread,
Oct 26, 2008, 8:32:42 PM10/26/08
to Ph4nt0m
测试了几台,有一台显示send payload over!

云舒

unread,
Oct 26, 2008, 9:16:38 PM10/26/08
to ph4nt0m
拜一下Envymask~~!第一把重锤啊。
 
2008-10-27

云舒

发件人: EMM
发送时间: 2008-10-27  01:46:58
收件人: ph4nt0m
抄送:

bluebanboom

unread,
Oct 26, 2008, 9:29:01 PM10/26/08
to ph4...@googlegroups.com
这么强悍吗?测试一下。

2008/10/27 ayarei <xue...@gmail.com>

oldface

unread,
Oct 26, 2008, 8:33:15 PM10/26/08
to ph4...@googlegroups.com
英文版的应该也快了!

在08-10-27,ayarei <xue...@gmail.com> 写道:



--
Life with Linux

黑星

unread,
Oct 26, 2008, 8:37:09 PM10/26/08
to ph4...@googlegroups.com
 不知道绑定的是哪个端口呢?
 
 
 



在2008-10-27 04:14:53,ring04h <rin...@gmail.com> 写道:

better0332

unread,
Oct 26, 2008, 10:02:51 PM10/26/08
to ph4...@googlegroups.com
MS08-067 Exploit for CN by E...@ph4nt0m.org
 
SMB Connect OK!
Maybe Patched!
################################################
MS08-067 Exploit for CN by E...@ph4nt0m.org
 
SMB Connect OK!
RpcExceptionCode() = 1722

鱼化石

unread,
Oct 26, 2008, 9:55:18 PM10/26/08
to ph4...@googlegroups.com

qq19...@gmail.com

unread,
Oct 26, 2008, 10:02:00 PM10/26/08
to ph4...@googlegroups.com
fail ON XP sp2 ,but IT GOOD *

--------------------------------------------------
From: "live live" <crac...@gmail.com>
Sent: Monday, October 27, 2008 9:26 AM
To: <ph4...@googlegroups.com>
Subject: [Ph4nt0m] Re: 答复: [Ph4nt0m] 答复: [Ph4nt0m] MS08-067 Exploit for
CN 2k/xp/2003 bypass version

> 这个漏洞的挖掘思路很值得研究。
>
> 2008/10/27 ayarei <xue...@gmail.com>
>
>> 真快啊真快啊,恩,呵呵
>>
>>
>>
>> *发件人:* ph4...@googlegroups.com [mailto:ph4...@googlegroups.com] *代表
>> *大风
>> *发送时间:* 2008年10月27日 1:50
>> *收件人:* ph4...@googlegroups.com
>> *主题:* [Ph4nt0m] 答复: [Ph4nt0m] MS08-067 Exploit for CN 2k/xp/2003
>> bypass
>> version
>>
>>
>>
>>
>>
>> 顶啊,全球首个可用的exp,成功率很不错哦!
>>
>>
>>
>> 顶EMM!
>>
>>
>>
>>
>>
>> *[Ph4nt0m] <http://www.ph4nt0m.org/>** *
>>
>> *[Ph4nt0m Security Team]*
>>
>> * 刺@ph4nt0m <http://blog.ph4nt0m.org/>*
>>
>> * Email: ax...@ph4nt0m.org*
>>
>> * PingMe:
>> <http://cn.pingme.messenger.yahoo.com/webchat/ajax_webchat.php?yid=hanqin_wuhq&sig=9ae1bbb1ae99009d8859e88e899ab2d1c2a17724>
>> *
>>
>> * **=== V3ry G00d, V3ry Str0ng ===*
>>
>> * === Ultim4te H4cking ===*
>>
>> * === XPLOITZ ! ===*
>>
>> * === #_# ===*
>>
>> *#If you brave,there is nothing you cannot achieve.#*
>>
>>
>> ------------------------------
>>
>> *发件人:* ph4...@googlegroups.com [mailto:ph4...@googlegroups.com] *代表
>> *EMM
>> *发送时间:* 2008年10月27日 1:46
>> *收件人:* ph4...@googlegroups.com
>> *主题:* [Ph4nt0m] MS08-067 Exploit for CN 2k/xp/2003 bypass version
>>
>>
>>
>> Ru ti!
>>
>>
>>
>>
>>
>>
>>
>>
>> >
>>
>
> >
>

leven

unread,
Oct 26, 2008, 10:10:30 PM10/26/08
to Ph4nt0m
某小菜问。。这个应该怎么用呢?是导入到metasploit里面么》

atta

unread,
Oct 26, 2008, 9:59:58 PM10/26/08
to Ph4nt0m
顶起 呵呵

mmx

unread,
Oct 26, 2008, 10:08:28 PM10/26/08
to ph4...@googlegroups.com

试了几台,好像不行啊
2008/10/27 黑星 <tob...@yeah.net>



--
Guo Jinpeng
Mobile:86-13811168737
Room430,Building 45 jia,Peking University
BeiJing 100871

atta

unread,
Oct 26, 2008, 9:58:53 PM10/26/08
to Ph4nt0m
有些主机溢出 登陆过去就被断开了 烦恼啊 等待反响获得SHELL得 版本 这个本不溢出跟人机器 成功率好高 哈哈 抓鸡必备啊

oldface

unread,
Oct 26, 2008, 9:58:56 PM10/26/08
to ph4...@googlegroups.com
看shellcode是4444port。
不过我用vs2005编译成功不能运行,faint

 
在08-10-27,黑星 <tob...@yeah.net> 写道:



--
Life with Linux

54netkey

unread,
Oct 26, 2008, 9:59:30 PM10/26/08
to ph4nt0m
没成功过。
C:\>MS08-067.exe 192.168.0.109
MS08-067 Exploit for CN by E...@ph4nt0m.org
SMB Connect OK!
RpcExceptionCode() = 1722
 
2008-10-27

54netkey

发件人: 黑星
发送时间: 2008-10-27  09:51:03
收件人: ph4nt0m
抄送:
主题: [Ph4nt0m]_回复:[Ph4nt0m]_Re:_答复:_[Ph4nt0m]_MS08-067_Exploit_for_CN_2k/xp/2003_bypass_version

amxsa

unread,
Oct 26, 2008, 9:55:21 PM10/26/08
to ph4...@googlegroups.com
试了好几个 Make SMB Connection error:1203 
 
 
 

在2008-10-27,oldface <face...@gmail.com> 写道:

[广告] 金秋最关注楼盘-房不胜房

Ulises2k

unread,
Oct 26, 2008, 9:59:52 PM10/26/08
to ph4...@googlegroups.com
When will the version in English?

2008/10/26 oldface <face...@gmail.com>:


> 英文版的应该也快了!
>
> 在08-10-27,ayarei <xue...@gmail.com> 写道:
>>
>> 真快啊真快啊,恩,呵呵
>>
>>
>>
>> 发件人: ph4...@googlegroups.com [mailto:ph4...@googlegroups.com] 代表 大风
>> 发送时间: 2008年10月27日 1:50
>> 收件人: ph4...@googlegroups.com
>> 主题: [Ph4nt0m] 答复: [Ph4nt0m] MS08-067 Exploit for CN 2k/xp/2003 bypass
>> version
>>
>>
>>
>>
>>
>> 顶啊,全球首个可用的exp,成功率很不错哦!
>>
>>
>>
>> 顶EMM!
>>
>>
>>
>>
>>
>> [Ph4nt0m]
>>
>> [Ph4nt0m Security Team]
>>
>> 刺@ph4nt0m
>>
>> Email: ax...@ph4nt0m.org
>>
>> PingMe:
>>

oldface

unread,
Oct 26, 2008, 10:29:05 PM10/26/08
to ph4...@googlegroups.com
试了几个虚拟机,未成功过。

在08-10-27,Ulises2k <ulis...@gmail.com> 写道:



--
Life with Linux

kelzz

unread,
Oct 26, 2008, 10:37:51 PM10/26/08
to ph4...@googlegroups.com
测试了4台,没成功,呵呵,人品问题吧。
 
 
2008-10-27

kelzz

发件人: 54netkey
发送时间: 2008-10-27  10:25:45
收件人: ph4nt0m
抄送:
主题: [Ph4nt0m] Re: [Ph4nt0m]_回复:[Ph4nt0m]_Re:_答复:_[Ph4nt0m]_MS08-067_Exploit_for_CN_2k/xp/2003_bypass_version

atta

unread,
Oct 26, 2008, 10:45:11 PM10/26/08
to Ph4nt0m
批量溢出一个IP 段 的3台服务器 个人主机一个段可以得到20-30台 大家快干吧 呵呵
On Oct 27, 9:59 am, Ulises2k <ulise...@gmail.com> wrote:
> When will the version in English?
>
> 2008/10/26 oldface <face....@gmail.com>:
>
>
>
> > 英文版的应该也快了!
>
> > 在08-10-27,ayarei <xuew...@gmail.com> 写道:
>
> >> 真快啊真快啊,恩,呵呵
>
> >> 发件人: ph4...@googlegroups.com [mailto:ph4...@googlegroups.com] 代表 大风
> >> 发送时间: 2008年10月27日 1:50
> >> 收件人: ph4...@googlegroups.com
> >> 主题: [Ph4nt0m] 答复: [Ph4nt0m] MS08-067 Exploit for CN 2k/xp/2003 bypass
> >> version
>
> >> 顶啊,全球首个可用的exp,成功率很不错哦!
>
> >> 顶EMM!
>
> >> [Ph4nt0m]
>
> >> [Ph4nt0m Security Team]
>
> >> 刺@ph4nt0m
>
> >> Email: a...@ph4nt0m.org
>
> >> PingMe:
>
> >> === V3ry G00d, V3ry Str0ng ===
>
> >> === Ultim4te H4cking ===
>
> >> === XPLOITZ ! ===
>
> >> === #_# ===
>
> >> #If you brave,there is nothing you cannot achieve.#
>
> >> ________________________________
>
> >> 发件人: ph4...@googlegroups.com [mailto:ph4...@googlegroups.com] 代表 EMM
> >> 发送时间: 2008年10月27日 1:46
> >> 收件人: ph4...@googlegroups.com
> >> 主题: [Ph4nt0m] MS08-067 Exploit for CN 2k/xp/2003 bypass version
>
> >> Ru ti!
>
> > --
> > Life with Linux- Hide quoted text -
>
> - Show quoted text -

shanker lee

unread,
Oct 26, 2008, 10:30:12 PM10/26/08
to ph4...@googlegroups.com
定 一定要顶起来!!感谢EMM的共享精神说说编译的过程把!!

2008/10/27 Ulises2k <ulis...@gmail.com>



--
江山待有我等出;
各领黑坛数十年

helloric

unread,
Oct 26, 2008, 11:36:39 PM10/26/08
to Ph4nt0m

大风

unread,
Oct 26, 2008, 11:38:04 PM10/26/08
to ph4...@googlegroups.com

幻影邮件列表自建立以来的最火贴由此产生。。。。。。。。。



[Ph4nt0m]
[Ph4nt0m Security Team]
刺@ph4nt0m
Email: ax...@ph4nt0m.org
PingMe:
=== Ultimate Hacking ===
=== XPLOITZ ! ===
=== #_# ===
#If you brave,there is nothing you cannot achieve.#

-----邮件原件-----
发件人: ph4...@googlegroups.com [mailto:ph4...@googlegroups.com] 代表 atta
发送时间: 2008年10月27日 10:45
收件人: Ph4nt0m
主题: [Ph4nt0m] Re: 答复: [Ph4nt0m] 答复: [Ph4nt0m] MS08-067 Exploit for CN

better0332

unread,
Oct 26, 2008, 11:49:06 PM10/26/08
to ph4...@googlegroups.com
XP SP2(cn)VMware  fail

qiang shen

unread,
Oct 26, 2008, 11:49:06 PM10/26/08
to ph4...@googlegroups.com


2008/10/27 kelzz <ke...@126.com>
顶起,可爱的 win32_bind

2008/10/27 大风 <opens...@gmail.com>
局域网试验两台 成功一台~~~



aking

unread,
Oct 26, 2008, 11:42:36 PM10/26/08
to ph4...@googlegroups.com
一直以为要自己调的。。。。
很可耻的直接拿去用了:(

2008/10/27 atta <gxh...@gmail.com>



--
I am aking

helloric

unread,
Oct 26, 2008, 11:42:52 PM10/26/08
to Ph4nt0m

找了好几台都不成功,只有一台是本机测试成功的。显示send payload over ,然后telnet 4444成功。

Zhang Jun

unread,
Oct 27, 2008, 12:20:26 AM10/27/08
to ph4...@googlegroups.com
这东东走的smb?那么扫tcp445可以吗?
很难扫到阿.

fleikyfleiky

unread,
Oct 27, 2008, 12:19:20 AM10/27/08
to ph4...@googlegroups.com


为什么还没有英文版和繁体版呢?


> From: opens...@gmail.com
> To: ph4...@googlegroups.com
> Subject: [Ph4nt0m] 答复: [Ph4nt0m] Re: 答复: [Ph4nt0m] 答复: [Ph4nt0m] MS08-067 Exploit for CN 2k/xp/2003 bypass version
> Date: Mon, 27 Oct 2008 11:38:04 +0800

dcd

unread,
Oct 27, 2008, 12:31:18 AM10/27/08
to ph4...@googlegroups.com
milw0rm上也看到了,是一样的吧?

From: EMM
Sent: Monday, October 27, 2008 1:45 AM
Subject: [Ph4nt0m] MS08-067 Exploit for CN 2k/xp/2003 bypass version

Ru ti!
 

Evil

unread,
Oct 27, 2008, 1:01:22 AM10/27/08