Comments on: Metasploit MS06-040 Demo http://blog.didierstevens.com/2006/08/29/metasploit-ms06-040-demo/ (blog 'DidierStevens) Wed, 08 Feb 2012 19:23:01 +0000 hourly 1 http://wordpress.com/ By: Didier Stevens http://blog.didierstevens.com/2006/08/29/metasploit-ms06-040-demo/#comment-26908 Tue, 29 Jan 2008 20:10:54 +0000 https://didierstevens.wordpress.com/2006/08/29/metasploit-ms06-040-demo/#comment-26908 I didn’t test it on 2003 SP1, but according to the MS security bulletin MS06-040, it is also vulnerable.

]]> By: Tom Buelens http://blog.didierstevens.com/2006/08/29/metasploit-ms06-040-demo/#comment-26791 Fri, 25 Jan 2008 10:35:55 +0000 https://didierstevens.wordpress.com/2006/08/29/metasploit-ms06-040-demo/#comment-26791 Is the same bug exploitable for a Win 2003 SP1 target?

]]> By: Metasploit MS06-040 Demo » MSBLOG http://blog.didierstevens.com/2006/08/29/metasploit-ms06-040-demo/#comment-83 Mon, 04 Sep 2006 10:28:49 +0000 https://didierstevens.wordpress.com/2006/08/29/metasploit-ms06-040-demo/#comment-83 [...] Recently the exploit of a Vulnerability (MS06-040) in Windows’s Server Service Could Allow a hacker to run malicious code on a remote system. Well Its all well and good that Microsoft have identified this as a “possible” security threat and have made an update but what does it look like in action? Didier Stevens has made a video clip showing the exploit in action (using Metasploit) on a Windows 2000 SP4 server to “convince someone that using windows update was necessary.” (I would have to agree with him there after seeing this in action) [...]

]]> By: TechnologyFrog » Blog Archive » Metasploit MS06-040 Demo http://blog.didierstevens.com/2006/08/29/metasploit-ms06-040-demo/#comment-80 Sat, 02 Sep 2006 01:20:16 +0000 https://didierstevens.wordpress.com/2006/08/29/metasploit-ms06-040-demo/#comment-80 [...] I needed to convince someone that patching Windows is necessary. That’s why I made him a short video clip where I use Metasploit 2.6 to exploit vulnerability MS06-040 on a Windows 2000 SP4 server, and now I decided to share it with you. I create a remote shell on the attacked server, connect to it and change the administrators password to Hacked. Full Story [...]

]]> By: Didier Stevens http://blog.didierstevens.com/2006/08/29/metasploit-ms06-040-demo/#comment-79 Fri, 01 Sep 2006 20:31:48 +0000 https://didierstevens.wordpress.com/2006/08/29/metasploit-ms06-040-demo/#comment-79 I’ve posted a hires version here: http://didierstevens.com/files/Metasploit-MS06-040-xvid.avi

If you’ve problems playing the movie, it’s encoded with the XviD codec: http://www.xvidmovies.com/codec/

]]> By: Didier Stevens http://blog.didierstevens.com/2006/08/29/metasploit-ms06-040-demo/#comment-77 Fri, 01 Sep 2006 16:53:53 +0000 https://didierstevens.wordpress.com/2006/08/29/metasploit-ms06-040-demo/#comment-77 Sorry, this is the highest resolution supported by YouTube, but I’ll see what I can do.

Didier

]]> By: Charlene http://blog.didierstevens.com/2006/08/29/metasploit-ms06-040-demo/#comment-75 Fri, 01 Sep 2006 14:55:01 +0000 https://didierstevens.wordpress.com/2006/08/29/metasploit-ms06-040-demo/#comment-75 Is there any way of increasing the size of the video. I cannot read the screens very well.

]]>