Pages: [1] 2

Author Topic: [POC] Windows RDP Vulnerability Exploit  (Read 5747 times)

0 Members and 1 Guest are viewing this topic.

Offline noob

  • Knight
  • **
  • Posts: 202
  • Cookies: 29
    • View Profile
[POC] Windows RDP Vulnerability Exploit
« on: March 17, 2012, 12:27:34 am »


Code: [Select]
http://pastebin.com/UzDKcCQy
Code: [Select]
http://pastie.org/private/feg8du0e9kfagng4rrg
Report to moderator   Logged

Offline noob

  • Knight
  • **
  • Posts: 202
  • Cookies: 29
    • View Profile
Re: [POC] Windows RDP Vulnerability Exploit
« Reply #1 on: March 17, 2012, 12:36:23 am »
http://gun.io/open/48/metasploit-module-for-cve-2012-002

1500$ to see a working exploit for CVE-2012-0002 (the new RDP hole) as a Metasploit module.
Report to moderator   Logged

Offline FuyuKitsune

  • Knight
  • **
  • Posts: 292
  • Cookies: 21
    • View Profile
Re: [POC] Windows RDP Vulnerability Exploit
« Reply #2 on: March 17, 2012, 12:40:04 am »
Welp, time to disable RDP
Report to moderator   Logged

Offline Infinityexists

  • Peasant
  • *
  • Posts: 74
  • Cookies: 1
    • View Profile
Re: [POC] Windows RDP Vulnerability Exploit
« Reply #3 on: March 17, 2012, 09:56:16 am »
could you please add some more description ?
Report to moderator   Logged

Offline I_Learning_I

  • Knight
  • **
  • Posts: 267
  • Cookies: 26
  • Nor black or white, not even grey. What hat am I?
    • View Profile
    • Hacking F0r Fr33
Re: [POC] Windows RDP Vulnerability Exploit
« Reply #4 on: March 17, 2012, 10:58:30 am »
Is this supposed to be triggered after you're logged in and then you get access, or simply execute a remote exploit to a server and you will, after executing, gain access?
I know this works with the RDP protocol itself, but I don't know if the authentication is made with the protocol.
Report to moderator   Logged
Thanks for reading,
I_Learning_I

Offline ca0s

  • VIP
  • Sir
  • *
  • Posts: 432
  • Cookies: 53
    • View Profile
    • ka0labs #
Re: [POC] Windows RDP Vulnerability Exploit
« Reply #5 on: March 17, 2012, 11:09:10 am »
As far as I have read in twitter, the most one of these PoCs can do is crash the victim.
Report to moderator   Logged

Offline Stackprotector

  • Administrator
  • Titan
  • *
  • Posts: 2515
  • Cookies: 205
    • View Profile
Re: [POC] Windows RDP Vulnerability Exploit
« Reply #6 on: March 17, 2012, 01:18:55 pm »
With this flaw you are able to connect to a remote desktop without the need of a password and or remote desktop having to be enabled.
Report to moderator   Logged
~Factionwars

Offline Infinityexists

  • Peasant
  • *
  • Posts: 74
  • Cookies: 1
    • View Profile
Re: [POC] Windows RDP Vulnerability Exploit
« Reply #7 on: March 17, 2012, 02:07:32 pm »
Quote from: Factionwars on March 17, 2012, 01:18:55 pm
With this flaw you are able to connect to a remote desktop without the need of a password and or remote desktop having to be enabled.


What is the procedure , i mean how it works ?
Any Documentation for this please
Report to moderator   Logged

Offline Stackprotector

  • Administrator
  • Titan
  • *
  • Posts: 2515
  • Cookies: 205
    • View Profile
Re: [POC] Windows RDP Vulnerability Exploit
« Reply #8 on: March 17, 2012, 02:34:22 pm »
Quote from: OverBurneD on March 17, 2012, 02:07:32 pm

What is the procedure , i mean how it works ?
Any Documentation for this please
You will have to google it yourself, its a 0day,   no 100% working poc  yet,   
Report to moderator   Logged
~Factionwars

Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: [POC] Windows RDP Vulnerability Exploit
« Reply #9 on: March 17, 2012, 05:11:21 pm »
Holy Jesus! It's times like this I'm glad I use linux :D
Report to moderator   Logged

Offline Stackprotector

  • Administrator
  • Titan
  • *
  • Posts: 2515
  • Cookies: 205
    • View Profile
Re: [POC] Windows RDP Vulnerability Exploit
« Reply #10 on: March 17, 2012, 05:24:19 pm »
Quote from: Kulverstukas on March 17, 2012, 05:11:21 pm
Holy Jesus! It's times like this I'm glad I use linux :D

Linux also get 0days like these,    they only get fixed in quicker.
Report to moderator   Logged
~Factionwars

Offline ande

  • Owner
  • Titan
  • *
  • Posts: 2664
  • Cookies: 256
    • View Profile
Re: [POC] Windows RDP Vulnerability Exploit
« Reply #11 on: March 18, 2012, 06:17:00 am »
Quote from: Factionwars on March 17, 2012, 01:18:55 pm
With this flaw you are able to connect to a remote desktop without the need of a password and or remote desktop having to be enabled.

I highly doubt it will work if you have not enabled remote access on your computer. After all, there are no service or application even listening to the port..?
Report to moderator   Logged
if($statement) { unless(!$statement) { // Very sure } }
https://evilzone.org/?hack=true

Offline Kulverstukas

  • Administrator
  • Zeus
  • *
  • Posts: 6627
  • Cookies: 542
  • Fascist dictator
    • View Profile
    • My blog
Re: [POC] Windows RDP Vulnerability Exploit
« Reply #12 on: March 18, 2012, 11:21:51 am »
Quote from: ande on March 18, 2012, 06:17:00 am
I highly doubt it will work if you have not enabled remote access on your computer. After all, there are no service or application even listening to the port..?
You never know when MS decides to have fun.
Report to moderator   Logged

Offline I_Learning_I

  • Knight
  • **
  • Posts: 267
  • Cookies: 26
  • Nor black or white, not even grey. What hat am I?
    • View Profile
    • Hacking F0r Fr33
Re: [POC] Windows RDP Vulnerability Exploit
« Reply #13 on: March 20, 2012, 09:09:06 am »
I think Factionwars means WITH Remote Desktop enabled, you're able to login unauthenticated.
Thanks for the info to everyone.
Report to moderator   Logged
Thanks for reading,
I_Learning_I

Offline redblack

  • /dev/null
  • *
  • Posts: 7
  • Cookies: 0
    • View Profile
Re: [POC] Windows RDP Vulnerability Exploit
« Reply #14 on: March 20, 2012, 06:20:42 pm »
as far as I tested, all the poc just bsod the victim
Report to moderator   Logged
Pages: [1] 2