H D Moore wrote:
> On Monday 22 December 2008, ArcSighter Elite wrote:
>> I came this morning with something. The MS08-67 patch when challenge
>> keys couldn't be replayed, affects also the other variants of the
>> attack, such as http 401 + WWW-Authenticate: NTLM, and the IMAP, POP
>> and SMTP versions?
>
> Supposedly it affects any component that initializes the security
> negotiation the "right" way, but only during a direct reflection attack.
> You can still relay to a third-party host regardless of protocol.
>
> -HD
>
> _______________________________________________
> Framework-Hackers mailing list
> Framework-Hackers@spool.metasploit.com
> http://spool.metasploit.com/mailman/listinfo/framework-hackers

Well, this is how we go.

Before MS08-067:
Windows XP SP2 Spanish: I totally owned. HTTP-based. No user intervention. No nothing. KIS2009 doesn't block (find-socket).
I totally owned SMB-SMB attack, UNC share.

After MS08-067:
I owned too! But this time I got a prompt asking for username and password; I mean, it doesn't automatically authenticate.
The SMB-SMB attack doesn't spawn my shell.

Tell me what you think to proceed to XP SP3; although I think I will get the same results.
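The distinction drawn in the quoted reply (direct reflection is stopped, relay to a third-party host is not), as an added example that is not part of the original thread: a simplified Python model which assumes the patched client refuses any challenge that its own server side currently has outstanding. The class and function names are hypothetical, and the HMAC response is a stand-in for the real NTLM computation.

```python
import hashlib
import hmac
import os


class Host:
    """Toy host with an NTLM-style server side and client side (hypothetical model)."""
    def __init__(self, secret, patched):
        self.secret = secret       # stand-in for the account's credential
        self.patched = patched     # assumed behaviour of the fix, see answer()
        self.outstanding = set()   # challenges issued by this host's server side

    def challenge(self):
        c = os.urandom(8)          # server side: fresh 8-byte challenge
        self.outstanding.add(c)
        return c

    def answer(self, c):
        if self.patched and c in self.outstanding:
            return None            # our own challenge came back: refuse to auto-answer
        return hmac.new(self.secret, c, hashlib.sha256).digest()

    def verify(self, c, response):
        if response is None or c not in self.outstanding:
            return False
        self.outstanding.discard(c)    # a challenge is good for one attempt only
        expected = hmac.new(self.secret, c, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def forwarded_auth(target, client):
    """A middle party hands target's challenge to client and the answer back to target."""
    c = target.challenge()
    return target.verify(c, client.answer(c))


def run_scenarios(patched):
    secret = b"constructed-credential"   # constructed: same account valid on both hosts
    workstation = Host(secret, patched)
    fileserver = Host(secret, patched)
    return {
        "reflection": forwarded_auth(workstation, workstation),
        "relay": forwarded_auth(fileserver, workstation),
    }


if __name__ == "__main__":
    for patched in (False, True):
        print("patched" if patched else "unpatched", run_scenarios(patched))
```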