Subject: Re: dsnhack.pl
From: Roelof Temmingh (roelofSENSEPOST.COM)
Date: Thu Apr 13 2000 - 02:45:10 CDT


On Wed, 12 Apr 2000, Michael Kluskens wrote:

> Has anyone had time to evaluate "dsnhack.pl", a winnt remote exploit
> by scrippie. It's also at that site. I assume it has been out for
> quite a while since it is version 1.3.

I had a quick look at dsnhack.pl. The script is basically modeled on a
paper written by Rain Forest Puppy:

http://www.wiretrip.net/rfp/p/doc.asp?id=42&iface=1

(which is a very good read), and then the creator packed some more
punch, allowing the user to get the absolute path, upload files, create
the necessary DSNs etc.

Know the MDAC RFP exploit? This one is the same, just with some added
claws.

NewDSN exploit v 1.3 -- Scrippie / Phreak.nl
Usage: dsnhack.pl -h <host>
        -c = create a new M$ Access DSN (Web SQL)
        -d = dump hard path by using several flaws
        -f = Force command (skip checks for .idc's)
        -g <server:filename> = Upload file to NT box via FTP
        -h <host> = host you want to scan (ip or domain)
        -u <filename> = Upload HTML file (easy defacing)
        -w = Win 95 support
        -m <dir /s /b file> = Mass deface (see documentation)

Regards,
Roelof

------------------------------------------------------
Roelof W Temmingh SensePost IT security
roelofsensepost.com +27 84 448 6996
                http://www.sensepost.com