21 matches found
Windows Manage Privilege Based Process Migration
This module will migrate a Meterpreter session based on session privileges. It will do everything it can to migrate, including spawning a new User level process. For sessions with Admin rights: It will try to migrate into a System level process in the following order: ANAME if specified,...
Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 Services.exe Denial of Service (1)
No description provided by source. source: http://www.securityfocus.com/bid/754/info A specially crafted packet can cause a denial of service on an NT 4.0 host, rendering local administration and network communication nearly unusable. This attack will crash the services executable, which in turn,...
Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 Services.exe Denial of Service (2)
No description provided by source. source: http://www.securityfocus.com/bid/754/info A specially crafted packet can cause a denial of service on an NT 4.0 host, rendering local administration and network communication nearly unusable. This attack will crash the services executable, which in turn,...
CVE-2013-3862
Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager (SCM), aka "Service Control Manager Double Free Vulnerability."...
Double free
Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager (SCM), aka "Service Control Manager Double Free Vulnerability."...
CVE-2013-3862
Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the Service Control Manager (SCM), aka "Service Control Manager Double Free Vulnerability."...
Microsoft Windows Server - Code Execution (PoC) (MS08-067)
Microsoft Windows Server - Code Execution PoC MS08-067 In vstudio command prompt: mk.bat next: attach debugger to services.exe 2k or the relevant svchost xp/2k3/... net use \IPADDRESS\IPC$ /user:user creds die \IPADDRESS \pipe\srvsvc In some cases, /user:"" "", will suffice i.e., anonymous...
MS Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047) (2)
No description provided by source. // tested and approved /str0ke / Program: Denial of Service attack for MS UMPNPMGR PNPGetDeviceList Author: Winny Thomas Vulnerability: no length checking on passed parameter to PNPGetDeviceList in UMPNPMGR.dll Note: The code crashes services.exe on the target,...
Microsoft Windows - DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption
!/usr/bin/python MS Windows DCE-RPC svcctl ChangeServiceConfig2A 0day Memory Corruption PoC Exploit Bug discovered by Krystian Kloskowski h07 Tested on Windows 2000 SP4 Polish all patches Requires.. - Impacket : http://oss.coresecurity.com/projects/impacket.html - PyCrypto :...
POC for MS06-041
No description provided by source. !/usr/bin/python POC for MS06-041 Run the python script passing the local ip address as parameter. The DNS server will start listening on this ip address for DNS hostname resolution queries. This script is for testing and educational purpose and so to test this...
MS Windows DNS Resolution Remote Denial of Service PoC (MS06-041)
No description provided by source. !/usr/bin/python POC for MS06-041 Run the python script passing the local ip address as parameter. The DNS server will start listening on this ip address for DNS hostname resolution queries. This script is for testing and educational purpose and so to test this...
MS Windows DNS Resolution Remote Denial of Service PoC (MS06-041)
Exploit for unknown platform in category dos / poc ================================================================= MS Windows DNS Resolution Remote Denial of Service PoC MS06-041 ================================================================= !/usr/bin/python POC for MS06-041 Run the python...
Microsoft Windows - DNS Resolution Remote Denial of Service (PoC) (MS06-041)
Microsoft Windows - DNS Resolution Remote Denial of Service PoC MS06-041 !/usr/bin/python POC for MS06-041 Run the python script passing the local ip address as parameter. The DNS server will start listening on this ip address for DNS hostname resolution queries. This script is for testing and...
Canonical.txt
/ Microsoft Windows CanonicalizePathName Remote Overflow MS06-040 More info: http://www.microsoft.com/technet/security/bulletin/MS06-040.mspx Written by Preddy This is another version of hdm's metasploit version but ported to C, Works against Windows XP SP1 And it should give a crash on Win2k in...
MS Windows 2k UPNP (getdevicelist) Memory Leak DoS Exploit
Exploit for unknown platform in category dos / poc ========================================================== MS Windows 2k UPNP getdevicelist Memory Leak DoS Exploit ========================================================== / Author: Winny Thomas Nevis Labs, Pune, INDIA Details: While working o...
Microsoft Windows Plug-and-Play - Umpnpmgr.dll Denial of Service (MS05-047) (2)
Microsoft Windows Plug-and-Play - Umpnpmgr.dll Denial of Service MS05-047 2 // tested and approved /str0ke / Program: Denial of Service attack for MS UMPNPMGR PNPGetDeviceList Author: Winny Thomas Vulnerability: no length checking on passed parameter to PNPGetDeviceList in UMPNPMGR.dll Note: The...
MS Windows Plug-and-Play (Umpnpmgr.dll) DoS Exploit (MS05-047) (2)
Exploit for unknown platform in category dos / poc ================================================================== MS Windows Plug-and-Play Umpnpmgr.dll DoS Exploit MS05-047 2 ================================================================== // tested and approved /str0ke / Program: Denial of...
MS Windows Workstation Service WKSSVC Remote Exploit (MS03-049)
Exploit for unknown platform in category remote exploits =============================================================== MS Windows Workstation Service WKSSVC Remote Exploit MS03-049 =============================================================== / Author: snooq Date: 14 November 2003 +++++++++++...
Vulnerability in services.exe in Windows 2000
A local user can create an application that "hijacks" a named pipe registered by a service, thereby gaining the ability to operate in the context of the operating system...
Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Services.exe Denial of Service (1)
Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - Services.exe Denial of Service (1) source: https://www.securityfocus.com/bid/754/info A specially crafted packet can cause a denial of service on an NT 4.0 host, rendering local administration and network communication nearly unusable. This attack will...