Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] RDS exploit simulation
From: "Davidson,Sam" <SDAVIDSON () CERNER COM>
Date: Mon, 18 Sep 2000 11:17:36 -0500

This is because you are using patched versions being distributed on newer
versions of the Option Pack and MCIS CD's.
You need to dig up the oldest copy of the Option Pack you can find.
You can also try to finding  a copy of the IIS 4.0 Server Training Kit from
MS-Press.
The Option Pack CD which is distributed with the kit might still be
vulnerable.
If despite all of this, you can't find one, send me a note under a separate
cover and I'll see what I can do about getting you a distribution.
Microsofts license agreement allows you to give it away (they give it
away)to anyone.

------------------------------
Sam Davidson
Cerner Corporation
2800 Rockcreek Pkwy
Kansas City, MO  64117
816 201 1944
816 365 6904 Direct

sdavidson () cerner com
www.cerner.com

"The only thing that has been missing until now is the incentive to
hack. Now, theres plenty of incentive, its easier than ever, theres not
enough talent out there to combat it, and companies are more
interested in being on the Internet than being secure on the Internet."
Avi Rubin AT&T Labs
------------------------------



-----Original Message-----
From: Oliver Petruzel [mailto:oliverpetruzel () EMAIL COM]
Sent: Monday, September 18, 2000 10:14 AM
To: PEN-TEST () SECURITYFOCUS COM
Subject: [PEN-TEST] RDS exploit simulation


my dearest pentesting compadres,

ok, im at a loss to determine why this isn't working right now, so i
will throw this out:  Can somone..anyone! please list the exact
specifications for as simulation test of Rain Forrest's RDS exploit?
Starting with a naked system, what EXACTLY needs to be installed to get
a vulnerable MDAC and RDS services?  All my previous attempts have
yielded safe systems. (uhg..and yes, I answered "yes" when it asked me
if I wanted RDS "on"...)

I have tried every IIS version/service pack installs/etc and still come
up with a non-vulnerable system.  I have used this so many times in the
wild, it's hard to imagine what I'm doing wrong.

I need it for demonstration purposes (among 15 other demo'd exploits im
doing for the powers that be), and although the script is neato to watch
chugging away, it's all for nothing when it comes up dry!

Also, can anyone recommend a good pre-existing IMAP or POP vuln script
and simulation config?

thanks
./Oliver_Petruzel


-----------------------------------------------
FREE! The World's Best Email Address @email.com
Reserve your name now at http://www.email.com


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]