Didier Stevens

Tuesday 29 August 2006

Metasploit MS06-040 Demo

Filed under: Hacking — Didier Stevens @ 22:20

I needed to convince someone that patching Windows is necessary. That’s why I made him a short video clip where I use Metasploit 2.6 to exploit vulnerability MS06-040 on a Windows 2000 SP4 server, and now I decided to share it with you.

I create a remote shell on the attacked server, connect to it and change the administrators password to Hacked.

The Metasploit web interface is used to create a higher visual impact.

Hosted here on YouTube.

7 Comments »

  1. Is there any way of increasing the size of the video. I cannot read the screens very well.

    Comment by Charlene — Friday 1 September 2006 @ 14:55

  2. Sorry, this is the highest resolution supported by YouTube, but I’ll see what I can do.

    Didier

    Comment by Didier Stevens — Friday 1 September 2006 @ 16:53

  3. I’ve posted a hires version here: http://didierstevens.com/files/Metasploit-MS06-040-xvid.avi

    If you’ve problems playing the movie, it’s encoded with the XviD codec: http://www.xvidmovies.com/codec/

    Comment by Didier Stevens — Friday 1 September 2006 @ 20:31

  4. […] I needed to convince someone that patching Windows is necessary. That’s why I made him a short video clip where I use Metasploit 2.6 to exploit vulnerability MS06-040 on a Windows 2000 SP4 server, and now I decided to share it with you. I create a remote shell on the attacked server, connect to it and change the administrators password to Hacked. Full Story […]

    Pingback by TechnologyFrog » Blog Archive » Metasploit MS06-040 Demo — Saturday 2 September 2006 @ 1:20

  5. […] Recently the exploit of a Vulnerability (MS06-040) in Windows’s Server Service Could Allow a hacker to run malicious code on a remote system. Well Its all well and good that Microsoft have identified this as a “possible” security threat and have made an update but what does it look like in action? Didier Stevens has made a video clip showing the exploit in action (using Metasploit) on a Windows 2000 SP4 server to “convince someone that using windows update was necessary.” (I would have to agree with him there after seeing this in action) […]

    Pingback by Metasploit MS06-040 Demo » MSBLOG — Monday 4 September 2006 @ 10:28

  6. Is the same bug exploitable for a Win 2003 SP1 target?

    Comment by Tom Buelens — Friday 25 January 2008 @ 10:35

  7. I didn’t test it on 2003 SP1, but according to the MS security bulletin MS06-040, it is also vulnerable.

    Comment by Didier Stevens — Tuesday 29 January 2008 @ 20:10


RSS feed for comments on this post. TrackBack URI

Leave a Reply (comments are moderated)

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Blog at WordPress.com.