10 Feb 2010 @ 4:20 PM 

You don’t get this often… the advisory released by the vulnerability researcher includes a ton of PoC code that can be used to, among other things, detect the MS10-012 patch without authentication.

The script connects to a target over TCP 445 and sends it a negotiation request. The response is parsed for the 8-byte challenge token, which is stored. After approximately 2,000 requests we get our first duplicate challenge token.

At the end of a 5-minute test run my results were:

Challenges: 49,328
Duplicates: 198

… um, wow. (10.7.0.122 = PATCHED and 10.7.0.140 = UNPATCHED)
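The interesting part of the numbers above is not the duplicate count itself but what it implies: a properly generated 8-byte (64-bit) challenge should essentially never repeat in 49,328 samples, so any visible repeats mean the challenge source has far less entropy than its width suggests. The following is an added example, not the advisory's PoC and not the script the post describes. It assumes the challenges have already been captured (the SMB negotiate exchange and response parsing are left out entirely) and works on constructed sample streams: it counts duplicates the way the post reports them, computes the birthday-bound number of repeats a full 64-bit random source would produce, and derives a rough effective-entropy figure from an observed duplicate count.

```python
import math
import os
from typing import Iterable, Tuple

CHALLENGE_LEN = 8  # an NTLM server challenge is 8 bytes wide


def count_duplicate_challenges(challenges: Iterable[bytes]) -> Tuple[int, int]:
    """Return (total, duplicates). A challenge counts as a duplicate every
    time it repeats a value already seen earlier in the stream, which is
    how the post's 'Challenges' and 'Duplicates' figures are read here."""
    seen = set()
    total = duplicates = 0
    for c in challenges:
        if len(c) != CHALLENGE_LEN:
            raise ValueError(f"expected {CHALLENGE_LEN}-byte challenge, got {len(c)}")
        total += 1
        if c in seen:
            duplicates += 1
        else:
            seen.add(c)
    return total, duplicates


def expected_collisions(n: int, bits: int = 64) -> float:
    """Birthday-bound estimate of repeats among n uniform samples from a
    2**bits space: n(n-1)/2 pairs, each colliding with probability 2**-bits."""
    return n * (n - 1) / 2 / 2.0 ** bits


def effective_bits(total: int, duplicates: int) -> float:
    """Rough effective entropy implied by an observed duplicate count,
    inverting the birthday bound: 2**bits ~= n(n-1) / (2 * duplicates).
    This assumes the challenges are roughly uniform over the effective
    space; a time-based or cycling generator is not, so treat the result
    as an upper-bound sanity figure rather than a measurement."""
    if duplicates == 0:
        return float("inf")
    return math.log2(total * (total - 1) / (2 * duplicates))


def challenge_entropy_looks_weak(total: int, duplicates: int, bits: int = 64) -> bool:
    """Flag the source as weak when observed repeats exceed anything a
    genuinely bits-wide random challenge would plausibly produce."""
    return duplicates > max(1.0, 10 * expected_collisions(total, bits))


# Constructed sample streams (not captured traffic):
# a weak generator cycling through only 300 distinct values ...
WEAK_SAMPLE = [(i % 300).to_bytes(CHALLENGE_LEN, "big") for i in range(2000)]
# ... and a source drawing each challenge from the OS CSPRNG.
STRONG_SAMPLE = [os.urandom(CHALLENGE_LEN) for _ in range(2000)]


def report(label: str, challenges: Iterable[bytes]) -> str:
    total, dups = count_duplicate_challenges(challenges)
    verdict = "WEAK" if challenge_entropy_looks_weak(total, dups) else "ok"
    return (f"{label}: challenges={total} duplicates={dups} "
            f"expected_if_64bit={expected_collisions(total):.2e} "
            f"effective_bits~{effective_bits(total, dups):.1f} -> {verdict}")


if __name__ == "__main__":
    print(report("constructed weak host", WEAK_SAMPLE))
    print(report("constructed strong host", STRONG_SAMPLE))
    # The post's own 5-minute run, evaluated the same way.
    n, d = 49328, 198
    print(f"post figures: expected_if_64bit={expected_collisions(n):.2e} "
          f"effective_bits~{effective_bits(n, d):.1f} -> "
          f"{'WEAK' if challenge_entropy_looks_weak(n, d) else 'ok'}")
```

Run against the post's figures, the script reports roughly 7e-11 expected repeats for a real 64-bit source versus 198 observed, which works out to an effective challenge space of about 2^22.5 values rather than 2^64; that gap, not the raw duplicate count, is the defensible reason to call the unpatched host's challenge generator broken.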

Posted By: jRichards
Last Edit: 10 Feb 2010 @ 05:12 PM
