From: Extirpater (extirpateryahoo.com)
Date: Wed Jul 04 2001 - 03:52:51 CDT


    I wrote that one for a friend's request. I know
    changing the source code of smbclient's client.c file.
    Putting a "while" scans all 256 chars.
    My friend had problems with a few files and can't
    compile the smb package.
    So the exploit is there, use it if you want... nothing to
    say...

    --- Dragos Ruiu <drkyx.net> wrote:
    > Floating around more than a year ago there was a small (40-60 line
    > from memory) patch to samba/smbclient that utilizes the same flaw
    > to erm... remove the needless bother of passwords on wintendo
    > shares nearly instantly, all in one nice bundle to also access the
    > data you need.
    >
    > I'm sorry but some sort of shortcoming in my, oh so careful,
    > chronological by depth :-), exploit filing system precludes my
    > finding it right now, but you ought to be able to recreate it
    > fairly readily without too much work...
    >
    > If anyone is _still_ relying on share passwords on old Windows
    > versions for _any_ sort of security, short of keeping very casual
    > users out until they spend a few minutes trying, they are making a
    > mistake.
    >
    > This has been around for a while, long enough for me to lose the
    > sploit apparently.... so if you still are vulnerable to this in
    > this day and age on any data of real significance, your security
    > plan really needs erm.... forklift upgrades, imho.
    >
    > cheers,
    > --dr
    >
    > P.s. I think nessus has some good code for this too that can be
    > used as an example, if you're looking...
    >
    > On Sun, 01 Jul 2001, Extirpater wrote:
    > >
    > > attachment...
    > >
    > >
    >
    > ----------------------------------------
    > Content-Type: application/x-unknown;
    > name="smbcrack.c"
    > Content-Transfer-Encoding: base64
    > Content-Description: smbcrack.c
    > ----------------------------------------
    >
    > --
    > Dragos Ruiu <drdursec.com> dursec.com ltd. /
    > kyx.net - we're from the future
    > gpg/pgp key on file at wwwkeys.pgp.net or at
    > http://dursec.com/drkey.asc
